Lead Security Engineer

GitGuardian is a global post-Series B cybersecurity scale-up, with team members in France, Europe and in the USA.

Among our early investors who saw our market value proposition, are the co-founder of GitHub, Scott Chacon, along with Solomon Hykes, Docker's co-founder.American and European top-tier VC firms have also invested in GitGuardian.

GitGuardian leads the way in Non-Human Identity security, offering end-to-end solutions from secrets detection in code, productivity tools and environments to strong remediation, observability and proactive prevention of leaks. Our solutions are already used by more than 600K developers worldwide!

As the lead of our Security team at GitGuardian, you'll be at the forefront of protecting a company that protects others.

You'll lead a dedicated security and IT team (comprising a Security Engineer and an IT apprentice), with opportunities to grow the team further. You’ll work closely with the Senior Engineering Managers who lead our engineering tribes and our Infrastructure team, who ensure our systems' reliability, security, and scalability.

This is a hands-on management role and your key responsibilities will include:

• Leading our security strategy, managing our security budget and resources efficiently
• Maintaining our SOC2 and ISO27001 certifications
• Enhancing our security infrastructure through strategic initiatives:
  • On the company level (securing important assets like source code, building internal security self-service tools,
  • On the product level (maintaining production security standards)

• Collaborating with our security researchers and supporting sales efforts.
• Mentoring your team (20-30% of the time).

What makes this role unique?

• Securing a security product, adding an exciting meta-layer to your work
• Working with a modern, cutting-edge tech stack (Terraform, Okta, Python)
• Joining a dynamic team where you can shape security processes and culture
• High autonomy and flexibility in building and scaling the security function

This role is perfect for someone who thrives in a fast-paced environment, values autonomy and wants to make a significant impact on a growing security-focused company. If you're pragmatic in your approach to security and excited about building scalable solutions, we want to hear from you!

If you think you match at least 70% of these criteria, please apply!

Here's what we consider essential for success in this role:

• Proven experience as a Security Engineer in a scaling company, having already built security monitoring & alerting systems
• Significant background (2+ years) deploying or securing assets on a cloud provider (AWS preferred)
• Hands-on experience with container technologies and Kubernetes in production (having deployed K8S clusters is a bonus)
• Proficiency in scripting languages (Python, Bash)
• Experience with CI/CD systems and automation
• Deep understanding of web application security
• Previous involvement with SOC2 or ISO27001 certification processes
• Excellent communication skills in English (our company's first language)
• Experience in people management and/or coaching and mentoring junior engineers.

The following skills would strengthen your application, but aren't required:

• Small team management
• French language proficiency
• Experience using Terraform to automate IAM
• Familiarity with SaaS administration (Google Workspace, Okta, HashiCorp Vault)
• Previous experience managing HashiCorp Vault clusters

At GitGuardian, we are committed to building a diverse, equitable and inclusive workforce.

We will ask for your gender identity on the application page to help us understand the diversity of our applicant pool and to track our progress in attracting and hiring a diverse workforce. The information is optional and will not be disclosed to the hiring manager or the interview team and will not be considered in the hiring process. We appreciate your willingness to share this with us so that we can continue to improve our diversity, equity and inclusion efforts.

1. Screening interview

To discover your professional project and evaluate if there could be a mutual match.

2. Interview with your future manager

To know more about yourself and your achievements, and present to you the team.

3. Technical interview

To evaluate your skills for the position and project yourself into the role.

4. Final interview with an Executive Manager

To detail our company’s vision and ambitions for the next couple of years.

• 70 - 95k Euros annual salary and a package that includes stock options
• Lunch voucher (Swile)
• Non-charged health insurance for children (Sidecare / Generali)
• Up to €300 to improve your home office set-up
• Yearly holiday allowance
• Referral bonus of 4000€ for any new Guardian we might hire thanks to you
• Team building: monthly budget dedicated to each employee that you can spend as you wish, with colleagues (latest examples to date: star restaurant, karaoke, stand-up show, karting, ...)

And also...

• Remote policy: hybrid (2 days/week at the office)
• A robust engineering culture,discover our R&D projects
• Opportunities for career development in the long term

Stack

Backend: Python (Django) Go, Rust
Frontend: JavaScript (React), TypeScript, React Query, Jest
DB: PostgreSQL, Elasticsearch (+ Kibana), MongoDB
Observability: Elastic Stack, Sentry, Grafana LGTM, OTEL
Deployment: ArgoCD, GitlabCI, Terraform
Runtime: Kubernetes (Karpenter, Istio)
Cloud providers: AWS and OVH
Message brokering: RabbitMQ, Redis
Secret manager: Hashicorp Vault

Products

• Understand how GitGuardian works in this short video!
• Want to go even further? Check out our public roadmap!
• Check out the State of Secrets Sprawl Report to understand our mission and the industry.
• Our solutions are already used by hundreds of thousands of developers in all industries and GitGuardian platform is the n°1 app on the GitHub marketplace

Clients

• GitGuardian helps organizations find exposed sensitive information that could often lead to tens of millions of dollars in potential damage.
• More than 70% of our customers are in the United States.
• Many F500 companies use GitGuardian's platform.

People

• The Guardians are knowledgeable, committed, serious, aligned with the company’s mission, and true team players: always willing to help each other grow our skill sets!
• The team is diverse and we hail from more than 20 different countries.
• We are also agile, remote-friendly, and fun people to work with.
• You will get trust & autonomy on your perimeter with a very transparent internal communication and a strong impact on the company development.