Ethical Hacker W/M

At ManoMano, we bet on passionate and innovative people! Are you looking for a great environment to grow professionally and personally ?
Join us in this tremendous adventure !   
ABOUTLaunched in 2013, ManoMano is the European leader specialised in DIY, home improvement and gardening online.  ManoMano brings together the largest offer of DIY & gardening online products. With more than 3600 seller partners, 10 million products, 7M active customers and 50M unique visitors per month, ManoMano is a disruptor of online home improvement, DIY and gardening across 6 countries : France, Belgium, Spain, Italy, Germany, United Kingdom.
ManoMano was valued at $2.6 billion and reached Unicorn status in July 2021 after $725 million raised 8 years after its creation.
ManoMano also works for the pros with ManoManoPro, a unique platform designed to make life easier and free building craftsmen from their daily constraints. Currently in France, Spain and Italy, the BtoB activity saves craftsmen time by revolutionizing their purchasing processes. 
We currently are more than 900 Manas & Manos, including a quarter of international talents and 24 nationalities, working in our 4 offices (Paris x2, Bordeaux and Barcelona). 
Our vision, as a responsible European B2C and B2B industry leader online, is to offer a unique value proposition on our HI markets, beyond product to services, to be an A Brand. Our ManoMano way of life, within business hypergrowth, is to always keep the human dimension at its right place. Empowering people to responsibly make their own kind of world is our mission. 
OUR COMPANY CULTURE 💙People are at the heart of ManoMano’s culture around our 3 core values : boldness, ingenuity and care. 


Background & Missions
ManoMano, already positioned as the European leader in DIY, wants to propose the best online experience in DIY ecommerce. For this, ManoMano is extending an amazing security team, and is looking for an Ethical Hacker.
The candidate must have the expertise to perform web application, internal and external network penetration testing, and source code review. You are an evangelist of security culture. The candidate must have a strong desire to learn, progress and innovate onintrusion techniques and offensive security.The candidate thinks like an ethical hacker in order to better counter them to protect our customers and sellers.Our goal is to find innovative solutions to solve IT security issues, adapted to business needs. This job of the ethical hacker is to collaborate with all the employees of the company.As a member of the AppSec domain, you will also support us build and mature application security practices and processes, with an automation first mindset, across the SDLC (Software Development Life Cycle).You will partner with the rest of the team to make it easier for engineers to deliver secure applications, to improve our application security posture and to reduce risk to our customers and company.You will also be able to contribute to Hack4Values, our social bug bounty initiative for NGOs.
Your missions
- Hunt and fix vulnerabilities from the beginning to the end. Communicate discovered issues, how to exploit them, and how to fix them for both technical and nontechnical audiences.- Execute penetration tests and security assessments of existing and newly Manomano’s features and services. Including internal & external networks, web and mobile applications- Participate in and design red team missions to increase culture and train our collaborators- Co-manage the community and our bounty bug program. Triage submissions, challenging reports, confirming vulnerabilities, deciding on corrective measures- Lead and support application security reviews and threat modeling including code review, static code analysis and dynamic testing.- Consider emerging vulnerabilities and threats from within the context of organizational risk and business impact(s).- Involve in design solutions and fixing vulnerabilities. Work with engineering teams in the design phase of new products and features, conducting threat modeling and security architecture, design and code reviews.- Maintain a strong security culture: We create awarenessand training programs. You maintain a high security culture in the company. Animate internal and external conferences and workshops.- Collaborate with DevOps, Software Engineering, and Product Management to continuously improve our application security strategies and priorities for protecting our customers, sellers and company - Be the first response and remediation for security-related alerts/incidents.Develop an active defense: We develop and integratesecurity tools/solutions to automate and improve detection and remediation.
Your profile
- Bachelor’s degree in Computer Science, Engineering, Information Technology- You have a strong understanding of common and uncommon web application vulnerabilities and mitigations.- Strong desire to learn, progress and innovate on intrusion techniques and offensive security- Good knowledge of web applications, Operating Systems, Security tools, network infrastructure- Strong understanding of secure architecture and design, threat modeling,security code review, SDLC and the ability to clearly articulate best practices and mitigations for application security- Well Understanding, documenting and communicating- Excellent ability to communicate (oral and writing) to technical and non-technical audiences with a positive, collaborative, and enablement-focused attitude- Data-driven approach- Curiosity and desire to challenge conventional approaches to solving problems- Experience with scripting languages- Language: French, English- Demonstrated experience in capture the flag (CTFs) events, bug hunting or vulnerability research (CVEs) is a plus.
What we offer at ManoMano
- Fast growing start-up environment- international (20+ nationalties) & agile company- Sponsorings to external conferences - organisation of internal and external Meetups- Crafternoons every Thursday afternoon (share your knowledges, learn from others)- Swile card for lunch- 60% company medical insurance- 7 weeks of payed vacation- Choose your days of remote work per week (full remote possible)- Amazing work environment in Paris 17th, Bordeaux & Barcelona- Attractive salary (package)- Mac, PC or Linux: it’s up to you!At ManoMano we are dedicated to building an inclusive and diverse workforce where each individual can grow. We respect and value the richness of varied cultures, perspectives, skills and experiences within our teams which is why we are looking for talented people from all backgrounds.
The information collected on this form is recorded in a file used by ManoMano - Colibri SAS so that we can process your application.   The data is kept for 2 years from the date of your application. You can access your data, rectify it, request its deletion or exercise your right to limit the processing of your data. You can also exercise your right to the portability of your data. Consult the cnil.fr website for more information on your rights. To exercise these rights or if you have any questions about the processing of your data under this scheme, you can contact our data protection officer by writing to dpo@manomano.com.  If, after having contacted us, you feel that your "Data Protection" rights have not been respected, you may submit a complaint to the CNIL.