Security Engineer - Full Remote (France) or Hybrid
Security Engineer - Full Remote (France) or Hybrid
Type: Full‑time, Permanent – CDI
Location: Aix en Provence or remote, France
Start Date: The sooner, the better
As a Security Engineer you will play a key role in shaping the security and resilience of Voyage Privé’s technology platform. You will work closely with Engineering, Product and Platform teams to embed security practices into every stage of product development, deliver measurable impact, and help us scale efficiently while maintaining a strong security posture.
You will have the opportunity to build many security foundations from scratch—including internal tooling and CI/CD guardrails—and influence key architectural and technical decisions as we redesign our platform for scale.
Responsibilities
- Strengthen the security posture across products, data, and infrastructure: secure coding practices, code reviews, threat modeling, vulnerability remediation, cloud and network hardening.
- Develop automated security guardrails integrated into CI/CD pipelines (SAST, SCA, secrets scanning).
- Design secure architectures for applications, APIs, data flows, and integrations in partnership with engineering teams.
- Secure hybrid environments combining virtual machines, containerized workloads, and cloud‑native services, ensuring consistent security standards across the entire platform.
- Drive proactive risk identification through continuous scanning, threat modeling sessions, risk assessments, and architecture reviews.
- Enable engineering teams to build secure‑by‑design practices by acting as a trusted advisor, developing internal tools, and leading security awareness sessions.
- Operational security & incident readiness: participate in on‑call rotations, investigate security events, and improve incident response workflows.
- Lead security improvement projects: build automation, enhance tools, optimize processes, and foster a culture of security ownership.
Qualifications
- 5–7 years of experience in software engineering, security engineering, DevSecOps or equivalent technical security roles.
- Hands‑on experience with modern CI/CD systems (GitHub Actions, GitLab, Jenkins).
- Solid understanding of cloud security principles (AWS, GCP, Azure).
- Experience securing both virtualized systems (VMs) and containerized workloads.
- Strong knowledge of secure coding, OWASP Top 10, and application security fundamentals.
- Experience with SAST, SCA, container/IaC scanning, runtime security tools, IAM and secrets management.
- Pragmatic, engineering‑first mindset: able to balance security with developer experience, velocity, and real‑world constraints.
- Excellent communication skills: able to translate complex security issues into actionable guidance for both technical and non‑technical stakeholders.
- Proactive, autonomous, critical thinker with a continuous improvement mindset.
- Nice to have: previous experience or knowledge of compliance requirements (GDPR, PCI‑DSS…)
- Fluent in French and English.
We are looking for builders who move fast, think big and care deeply about creating lasting impact.
#J-18808-Ljbffr