Senior Security Engineer - GRC - Open to remote
Barcelona
Applications have closed
Back Market
Find the best deals on refurbished phones, laptops, and tech at Back Market. Up to 70% off when compared to new products. Free delivery, 1-year warranty, 30-day money back guarantee.Back Market is undergoing meteoric growth and has raised over 884M€ already! We have the objective of reaching 1000 Back Makers by the end of 2022! We are thrilled to have an inclusive, fulfilling and caring work environment in all our offices (Paris, Bordeaux, Berlin, Barcelona & New-York). This is an opportunity for you to join a talented, humble and passionate team at the heart of innovation : the Bureau Of Technology
Be a part of the movement. Join the refurb revolution.
As a Senior Security Engineer - GRC (Governance, Risks, and Compliance) preserving Back Market's information assets is your main concern.
You contribute to the continuous improvement of the company's security posture, while keeping an eye on key risk indicators. As a domain expert and evangelist of cybersecurity best practices you share your time between advising technical and business teams, assessing risks, defining and maintaining security policies, procedures and action plans, performing audits and reviews, and monitoring compliance progress.
We have huge ambitions and aim for excellence. So we are counting on you to support and advise our teams on the cybersecurity aspects of these challenges.
Required profile :
- You are a talented engineer with at least 4 years experience of securing web services in dynamic cloud environments.
- You believe in the importance of a risk-based approach to define and maintain security objectives, policies, procedures and action plans necessary for succeeding in your mission.
- You care about explaining the rationales for the company's security choices, to ensure that colleagues understand and adopt them, and defining a security requirement without any analysis or foundation is nonsense to you.
- Best practices and standards such as the ISO/IEC 27000 series, including 27005 or EBIOS, 27017, 27018, 27035, OWASP SAMM, OWASP ASVS or CSVS, or CIS benchmarks are among your favorite references.
- You are curious, structured and enjoy exploring new methods and technologies. You are transparent in your communication and are able to find solutions with your team when you don't have an answer.
- You like to share knowledge and make your colleagues aware of good cybersecurity practices, by supporting your proposals with concrete examples and demonstrations.
- Your skills are recognized by a certification such as (ISC)² CISSP, CCSP or CSSLP, ISO 27001 Lead Implementer or Auditor, EBIOS Risk Manager, SANS GCCC - or you are ready to obtain it in the near future.
- In-depth knowledge of PCI-DSS and GDPR would be appreciated.
- You want to join a challenging technical environment: AWS, GCP, Kubernetes, Terraform, Datadog, Spinnaker, Cloudflare, etc., where you can learn, develop and grow your career.
- Great verbal and written communication skills, in English.
* Call with Yann one of our tech talent acquisition specialist* Technical interview with members of the Cybersecurity team* Team Fit interview with your Manager and one of your potential future coworker* Interview with Thibaud our CEO and Co-founder
WHY SHOULD YOU JOIN US ?
• A meaningful job: through hard work, you will help avoid thousands of tons of electronic waste and fight against planned obsolescence. It counts!• An attractive salary, equity, multiple benefits (meal tickets, health insurance, etc...), parental benefits, #remote friendly company, relocation package, internal events, etc… • Technical challenges all day every day: you will have the freedom to innovate and adopt new ideas!• Work with passionate experts who will share their knowledge and help you develop and grow! (Backademy, technical guilds, Meet-up & Conference) • Grow your career with a flexible career path, BackMarket can help you evolve!• A booming scale-up: our environment is rapidly growing in Europe, the USA and soon in Asia!• A lot of fun: you will have the opportunity to work in a fast-paced, open-minded and friendly environment.
BackMarket is an Equal Opportunity Employer for any minority, disability, gender identity or sexual orientation.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits AWS CCSP CISSP Cloud Cloudflare Compliance GCP GDPR Governance ISO 27001 Kubernetes Monitoring OWASP SAMM SANS Terraform
Perks/benefits: Career development Equity Health care Insurance Relocation support Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open DevSecOps-related jobs
- Open CI/CD-related jobs