Security Engineer (intermediate)

GitGuardian is a global post‑Series B cybersecurity scale‑up, with team members in France, Europe and the USA.

Among our early investors who saw our market value proposition are the co‑founder of GitHub, Scott Chacon, along with Solomon Hykes, Docker's co‑founder. American and European top‑tier VC firms have also invested in GitGuardian.

GitGuardian leads the way in Non‑Human Identity security, offering end‑to‑end solutions from secrets detection in code, productivity tools and environments to strong remediation, observability and proactive prevention of leaks.

Our solutions are already used by more than 600K developers worldwide!

The Security & IT team (3 people) protects all GitGuardian assets and systems, implementing guardrails that enable teams to deliver securely. The team focuses on applications, infrastructure platform, IT, and governance.

As a Security Engineer, you will work under the Security lead and interact with all Guardians.

You’ll contribute to the security team’s backlog; your primary responsibility is building scalable security mechanisms within GitGuardian’s software delivery pipeline, supply chain, service and corporate infrastructure.

• Automating Identity and Access Management on Okta.
• Advancing the secure software supply chain, and patch & vulnerability management program by designing reliable and maintainable automations.
• Improving security observability & monitoring systems and processes.
• Designing and implementing security mechanisms for corporate IT users (e.g., ZTNA, SWG).
• Enhancing application security by participating in architecture and code reviews, performing pentesting of new features, and assisting in offensive engagements.

• Handling reports from bug bounty programs, ensuring timely coordination and remediation with relevant teams.
• Responding to identified threats & vulnerabilities detected by our security stack (SIEM, WAF, EDR, DAST, …).

• Frontend: React / TypeScript
• Backend: Python + Django, Rust, RabbitMQ, PostgreSQL, Redis
• Infrastructure: Docker, Kubernetes, Terraform, AWS, OVH
• Security: Hashicorp Vault, SignalSciences WAF, CarbonBlack, Vanta, YesWeHack
• Panther SIEM, StackHawk
• VCS: Gitlab
• Monitoring: Grafana, Datadog
• IT: Okta, Google Workspace, Kandji, Landscape, N8N, Notion

If you think you match at least 70 % of these criteria, please apply!

• Fluent in English.
• At least one full‑time professional experience as a security, infrastructure or software engineer.
• Experience automating tasks with scripting languages (bash, python).
• Experience with containerised systems.
• Basic knowledge of cloud & web application security.
• Familiarity with administration of SaaS tools (Google Workspace, Okta, …).
• Understanding of Secret Management principles.

• French language skills.
• Experience with IaC tooling (Terraform, Kubernetes, Helm, Ansible).
• Experience building security monitoring & alerting systems.
• Experience with a software vendor scale‑up.
• Experience with SOC 2 or ISO27001 requirements.

At GitGuardian, we are committed to building a diverse, equitable and inclusive workforce.

We will ask for your gender identity on the application page to help us understand the diversity of our applicant pool and track our progress. The information is optional, will not be disclosed to the hiring manager or interview team, and will not be considered in the hiring process.

The interview stages are:

1. Video call with Ghislain, your future manager (45 min).
2. Technical Interview (1h30).
3. Interviews with the CTO, n+2 (60 min).
4. Final interview with an Executive Manager (30 min).
5. References check.

• Package that includes stock‑options.
• Lunch voucher (Swile).
• Non‑charged health insurance for children (Sidecare / Generali).
• Up to €300 to improve your home office set‑up.
• Yearly holiday allowance.
• Referral bonus of €4 000 for any new Guardian hired through you.
• 🎡 Team building: monthly budget dedicated to each employee, spendable with colleagues (examples: Michelin‑star restaurant, karaoke, stand‑up show, kitesurfing weekend).

Remote policy: hybrid (2 days/week at the office).

Opportunities for career development in the long term.

Team Engineering Role Security Locations Paris Remote status Hybrid Employment type Full‑time