Security Engineer - Paris / Lyon / Cracow

Security Engineer - Paris / Lyon / Cracow

Locations: Paris, Lyon, Kraków – Hybrid (2 days in office, 3 days remote where applicable).

LumApps is now more than just an Employee Experience Platform – it is an AI‑powered Employee Hub that supports companies in their digital transformation of communication, collaboration, and engagement with customers, partners, and above all their employees.

Our platform is a proven leader in this dynamic market with a truly unique vision and product. It has been deployed by Fortune 500 clients around the world and delivers meaningful business benefits. LumApps is identified as a leader in Gartner’s Magic Quadrant for Intranet Packaged Solutions as well as in Intranets Forrester Wave, and is regularly selected for the French Tech Next40/120 program.

In 2025, LumApps strengthened its leadership position by partnering with Beekeeper, a pioneer in frontline employee experience solutions. This strategic collaboration expands our reach and impact across all types of workers – from HQ to the frontline.

Mission

This role is responsible for the proactive engineering and technical optimization of the organisation security detection stack. You will take ownership of triaging and investigating security events from GuardDuty, Sysdig, and WAF telemetry, moving beyond dashboard monitoring to perform active troubleshooting via log analysis and direct cluster interaction (with kubectl and gcloud). You will be expected to proactively tune detection logic to reduce false positives and develop automation scripts in Python or Bash to eliminate manual operational tasks. Additionally, you will drive the remediation of GitHub Advanced Security findings by providing developers with actionable code‑level fixes and ensuring security configurations are managed as code.

Responsibilities

• Maintain and monitor automated DAST, SAST, and SCA setups. Triage findings and work with engineering teams to ensure timely resolution of vulnerabilities.
• Participate in the coordination and tracking of security incidents and tickets to ensure resolution within SLAs.
• Collaborate with developers to promote secure coding practices and API security within the Software Development Lifecycle. Review third‑party components for vulnerabilities using SCA tools.
• Assist in managing recurring security review processes, including internal penetration testing and risk assessments.
• Apply security best practices to the organization’s usage of AI and LLM systems, supporting the broader strategy developed by senior leadership.
• Support security awareness training and participate in internal knowledge‑sharing sessions.

Qualifications

• 3+ years of professional experience in application / cloud security.
• Ability to analyze WAF traffic and cloud telemetry (e.g., GuardDuty, Sysdig) to identify attack patterns, eliminate false positives and tune the tooling.
• Hands‑on experience applying and auditing/remediating security best practices in AWS/GCP, Kubernetes and containerized infrastructure.
• Strong understanding of application and API security principles (e.g., OWASP Top 10, OWASP API Top 10).
• Practical experience with source code analysis and the ability to read and understand Python and/or Java.
• Hands‑on experience with security monitoring tools including SAST, DAST, and SCA and practical experience integrating them within the CI/CD pipelines.
• Solid understanding of data security, encryption techniques, and secure data handling.
• Working knowledge of network protocols (TCP/IP, DNS) and security concepts (WAFs, IDS).

Benefits

• Hybrid work model – 2 days at the office, 3 days remote (France). RTT days – ~10 extra days off per year.
• Meal vouchers (SWILE) + free snacks & coffee.
• Yoga classes – mindful break in our Paris office.
• Supportive parental leave and family moments – even a Christmas party for your kids!
• Health insurance (ALAN) – 60 % covered + full life & disability cover.
• Afterworks, team celebrations & seasonal parties.
• Equipment of your choice.
• French & English lessons, professional development & access to Leeto CSE.
• Phone & home internet costs reimbursement up to 80 PLN/month (Poland).
• Private health care package with Luxmed – covered for you and partially for your partner/family (Poland).
• Cafeteria benefits – monthly budget to cover sport cards or other purchases (Poland).
• Creative Allowance – paid as 1 000 PLN gross/month (Poland).
• Home office set‑up reimbursement up to 1 000 PLN (Poland).
• Personal learning & development budget of 1 500 USD/year (Poland).
• 26 days of annual leave/year and 2 mental health days off per year (Poland).

We aim to celebrate diversity and are committed to creating an inclusive environment for all employees. We encourage applications from candidates of all backgrounds, identities, and experiences.