Senior Cyber Securité Engineer

Summary

Join Contentsquare's security team as a Cyber Security Engineer and take a leadership role in responding to security incidents. You will develop security tools, maintain security alerts, audit the technical platform, and improve threat response capabilities. Collaborate with multiple teams to address security events, evaluate security trends, and manage detection capabilities. The role requires strong communication skills, experience with SIEM and incident platforms, and a deep understanding of security concepts. This position offers work flexibility, generous paid time off, parental leave, wellbeing allowances, stock options, and various employee resource groups. The location is Paris (France), Barcelona (Spain), or remote.

Requirements

• 3-5 years of previous practical experience on Security Operations, especially experience coordinating responses to security incidents
• Experience in building effective partnerships with internal customers
• Experience building out detection and response programs for a SaaS or cloud-native company
• Solid experience with developing security toolings and integrating security layers toDevops pipelines
• Extensive knowledge of web protocols, security issues, common attacks, Linux/Unix tools, cloud architectures and threat landscape
• Expertise with Security Information and Event Management (SIEM) and incident platforms, such as: Google SecOps, PagerDuty
• Deep knowledge of our technical stack and how to secure it
• AWS and Azure
• Kubernetes / Docker
• Ansible, Helm, Terraform
• Datadog ASM as WAF, Google SecOps
• Github Action, ArgoCD
• Solid scripting skills: shell, python
• Nestjs, Vuejs, Reactjs
• Strong understanding of security concepts, standard methodologies and how to apply them, such as SSH, public key encryption, access credentials, certificates, TLS, data encryption, OWASP top 10
• Analytical skills, Autonomy and Accountability
• Fluent in English (French is a plus)

Responsibilities

• Confidently and intelligently respond to security incidents, and proactively consider how to prevent the same type of incidents from occurring in the future
• Develop security utilities and tools for internal use that enable you and your fellow Security Engineers to operate at high speed and wide scale
• Design and maintain a portfolio of security alerts, automated actions and escalation workflows in support of a high-performing 24/7 incident response capability
• Constantly audit our technical platform and application to ensure the follow-up of security best-practices and identify security misconfigurations
• Improve the ability to respond to threats by leading new technology selection, configuration, internal product development, obtaining-buy-in, and implementations with a heavy emphasis on automation
• Design and coordinate cohesive responses to security events that involve multiple teams across the organisation
• Evaluate the impact to the organisation of current security trends, advisories and public exploits
• Coordinate responses as necessary across affected teams to do the right thing for our customers and our organisation
• Manage and extend our security detection capabilities (SIEM, WAF, honeypot, open source tools)
• Recognize, adopt and share the best practices on security engineering fields throughout the organisation: development, network security, application security, cryptography, security operations, incident responses
• Communicate efficiently (in English) at multiple levels of sensitivity and multiple audiences
• Establish metrics that demonstrate continuous improvements of the Security Monitoring & Incident Response Engineering capabilities and execute on your proposed strategy for improvements
• Fulfil regular on-call responsibilities

Preferred Qualifications

Solid understanding of MITRE ATTACK, NIST or similar threat frameworks

Benefits

• Virtual onboarding, Hackathon, and various opportunities to interact with your team and global colleagues both on and offsite each year
• Work flexibility: hybrid and remote work policies
• Generous paid time-off policy (every location is different)
• Immediate eligibility for birthing and non-birthing parental leave
• Wellbeing and Home Office allowances
• A Culture Crew in every country we’re based in to coordinate regular activities for employees to get to know each other and bond outside of work
• Every full-time employee receives stock options, allowing them to share in the company’s success
• We have multiple Employee Resource Groups, that offer a safe space for individuals who share common identities, life experiences, or allyship to connect, support one another, and passionately advocate for the issues close to their hearts
• And more benefits tailored to each country