Senior Security Engineer

Summary

Join Aircall as a Senior Security Engineer and play a crucial role in maintaining a robust security posture across our infrastructure, applications, and processes. You will collaborate with engineering teams, implement security solutions, and advocate for a DevSecOps culture. Responsibilities include embedding security in the software development lifecycle, developing security guardrails, conducting security reviews, and designing AI-driven security solutions. You will also build and maintain security-as-code templates and provide internal tooling and training. Aircall offers a unique work environment, opportunities for growth, and a competitive salary and benefits package.

Requirements

• You have at least 5+ years of experience in Security involving Public Clouds ( preferably AWS)
• Strong development background with experience in secure coding practices
• Experience with automation & AI-driven security – ML-based threat detection, and security automation tools
• Hands-on expertise in DevSecOps – integrating security tools into DevOps workflows (SAST, DAST, IaC scanning, runtime protection)
• Shift-left & enablement-focused: Passion for making security a frictionless part of engineering workflows rather than a blocker
• Self-service mindset: Believes in building security guardrails and automation so developers can self-serve security solutions
• Problem-solver & automation-first thinker: Constantly looks for ways to remove manual work through scripting, AI, or process improvements
• Strong collaboration & communication skills: Able to partner with developers, SREs, and product teams to drive security adoption
• Security evangelist: Proactively educates teams on security risks and best practices through training, workshops, and internal documentation

Responsibilities

• Embed security early in the software development lifecycle by collaborating closely with engineering teams to integrate secure coding practices, automated security testing, and threat modeling
• Develop and implement security guardrails, ensuring developers and infrastructure teams can self-serve secure frameworks and best practices
• In charge of security reviews for new features, services, and infrastructure changes, proactively identifying and mitigating risks before deployment
• Design and implement AI-driven security solutions , leveraging machine learning for anomaly detection, threat intelligence, and automated response
• Develop automation to streamline vulnerability management, compliance reporting, and security operations
• Build and maintain security-as-code templates , playbooks, and CI/CD-integrated security controls, enabling developers to securely deploy software without friction
• Provide internal tooling and training that empowers teams to manage security risks without needing constant security team intervention
• Advocate for a DevSecOps culture by mentoring teams and driving security awareness across the engineering organization
• Harden Aircall’s SaaS infrastructure by designing scalable, cloud-native security solutions (AWS, Kubernetes, Terraform, etc.)
• Strengthen API security and application security by enforcing best practices for authentication, authorization, and secure data handling
• Monitor and improve security observability, ensuring visibility across all environments through logs, alerts, and automated threat detection
• Own and improve incident detection and response capabilities , ensuring rapid containment and resolution of security threats

Benefits

Competitive salary package & benefits (health coverage, lunch, commute, sports)