As a Security Engineer within GitGuardian’s Security & IT team, you will work under the management of our Security lead and interact with all Guardians.
The Security & IT team is responsible for protecting all of GitGuardian’s assets & systems and for implementing guardrails that enable teams to deliver securely. The team focuses on these four scopes: applications, infrastructure platform, IT & governance.
You’ll contribute to the security team’s general backlog, and your primary responsibility will be building scalable security mechanisms within GitGuardian’s software delivery pipeline, supply chain, service & corporate infrastructure.
Your main responsibilities will be to:
1. Work with the team on projects such as:
Automating Identity and Access Management, using Terraform and Okta.
Advancing the security of our software supply chain and our patch and vulnerability management program by designing reliable and maintainable automations.
Improving our security observability & monitoring systems and processes.
Designing and implementing security mechanisms for corporate IT users (e.g., ZTNA, SWG).
Enhancing our application security by participating in architecture and code reviews with our project managers and developers, performing pentesting of new features, and assisting in offensive engagements.
2. Contribute to the team's operational activities such as:
Handling reports from our bug bounty programs, ensuring timely coordination and remediation with relevant teams.
Responding to identified threats & vulnerabilities detected by our security stack (SIEM, WAF, EDR, DAST, …).
Technical environment
Frontend: React / TypeScript
Backend: Python + Django, Rust, RabbitMQ, PostgreSQL, Redis
Infrastructure: Docker, Kubernetes, Terraform, AWS, OVH
Security: Okta, Vault, SignalSciences WAF, CarbonBlack, Vanta, YesWeHack, Panther, StackHawk