Security Engineer

Diabolocom enables organizations worldwide to build brand loyalty and drive sales growth. Our innovative cloud-based solution leverages its proprietary AI technologies to optimize contact centers of medium to large sizes, enabling efficient management of customer interactions across all communication channels. As a telecom operator, we ensure premium voice quality, efficient handling of high call volumes, and provide phone numbers worldwide.

Our comprehensive range of AI services, specifically designed for customer relations, elevates data quality and automates tasks. These services, fully integrated into our cloud contact center solutions, are also accessible through APIs in multiple languages.

We empower Customer Service and Sales teams to effectively handle all inbound and outbound interactions thanks to our state-of-the‑art dialer. Our solution seamlessly integrates with leading CRMs and offers real‑time monitoring and analytics capabilities.

Diabolocom, with offices across Europe, the USA, Brazil, and the UAE, proudly serves 350+ clients, with agents operating from 60+ countries.

About you:

To sustain the company's growth, we are creating the position of IT Security Engineer to work directly with our CISO to enhance the Security Team.

At Diabolocom, you will:

• Be the second person of a growing security team and work directly with our CISO on the following topics :
• Maintaining and continuously improving our security practices, processes, technical procedures, internal documentation
• Keeping up to date with the evolving threat landscape
• Compliance activities with our existing PCI DSS and future (SOC2, ISO27001) certifications
• Automation: Developing appropriate tooling and scripts for scaling security operations and compliance activities
• Security culture and awareness across tech and non-tech teams (trainings, security champions, communicating best practices, technology watch)
• Security architecture: being security referent for product & infrastructure security decisions
• Internal security assessments and audits (configuration, vulnerabilities, access rights, internal red team)
• Vulnerability management: supporting tech teams in identifying and correcting vulnerabilities (on‑prem and cloud deployments)
• Application security : CI/CD security pipelines, SAST, DAST, image scanning, code reviews, secure coding training
• Infrastructure security : IaaC, configuration hardening, BC/DR plans and IAM
• Security incident detection & response in collaboration with our managed Security Operations Center service and DevOps teams

What we are looking for:

• Engineering school with a specialisation in IT security or equivalent experience
• Understanding of topics related to technical architectures, cloud technologies (APIs, databases, microservices), desktop environments and how to secure them
• Knowledge of at least one scripting language like Python to automate operations where possible
• Passion for tech and cybersecurity and willingness to learn and grow in these areas, challenge-driven
• Strong interpersonal skills, ability to listen to, understand and propose solutions to complex problems, teaching people and working in a team
• Autonomous, precise and rigorous
• You are comfortable in a scale‑up culture, with an organization that leaves plenty of room for personal initiative
• Excellent oral and written communication in English, and ability to summarize

Previous experience in some or all of the following will also be highly appreciated:

• Infrastructure as Code (IaaC): ansible, terraform, gitops, vault…
• Container and virtualization technologies (kubernetes, docker), on premise infrastructure, Linux systems and how to secure such deployments
• Working as security engineer / devsecops in tech startups or scale‑ups
• Building security CI/CD pipelines and automations
• Working with a SOC/SIEM and EDR, performing incident response
• Penetration testing and red teaming
• Any security certifications like OSCP, OSEP, CPTS, ISO 27001 LI, CISSP, AWS Solutions Architect/Security…
• Work experience with one of the following certifications: PCI‑DSS, HDS, ISO 27001 or SOC2
• Any public contributions, open source projects, CTF profiles (HackTheBox, root‑me, etc…), blogs, research or achievements you’d like to share

What’s in it for you:

• You’ll have a multi day onboarding to get to know our product, our teams and our culture!
• You’ll have the chance to work in a multicultural environment with colleagues coming from 5 different countries and 10 different nationalities