Security Engineer - Governance, Risk & Compliance w/m
France
Applications have closed
DataDome
Real-time bot protection solution that deploys in minutes on any web infrastructure. DataDome provides accuracy without compromise. Test it free!DataDome is one of the fastest-growing tech startups. We offer a cutting-edge technology that protects online businesses (websites and mobile applications) against advanced cyber attacks.
Based on AI & Machine Learning, our cyber-security solution can detect & block the most sophisticated bot attacks, in real-time.
We’re proud to protect more than 200 Companies worldwide, including TripAdvisor, The New-York Times, Foot locker Carrefour, BlaBlaCar, Rakuten, Veepee, Adevinta.
Our offices in Paris, New-York & Singapour gather talents coming from 13 different nationalities. We all love our ideally located & modern offices, an accessible management team, offsite events and weekly team-building initiatives, a chill room that includes football, video games and a punching bag!
DataDome is #CustomerCentric, the solution is the leader on g2.com and 100% of our customers renew their subscription year after year.
Want to play your part in the war against bad bots? Join the team and become a Botbuster!
We operate at scale and handle over 1 000 billion events per day giving responses within 3ms (99p). Currently, we are present in more than 25 data centers around the world, deployed using Docker.
This stack is currently handling 500k requests per second and manages more than 300 TB of data.
Why Join us?
You want to do practical security work in a scale-up company whose core business is cyber-security with a challenging stack in a multi-cloud environment.
Your team:
As a Security Engineer - GRC (Governance, Risks, and Compliance) focusing to preserve DataDome's information assets, customer data, DataDome employees and keeping compliance requirements .
You will be a strategic point of contact and you will work closely with information security, legal, engineering, product and human resources to improve continuously the company's security posture.
You will be more specifically in charge of:
Conducting security risk assessment and improving the process and the methodology.
Contributing to the implementation of the "security by design" pattern in projects, ensuring security action plans, measures and controls are in place in all projects.
Creating training to raise security awareness.
Maintaining security policies, procedures, action plans, performing audits and reviews, third-party & vendor management and monitoring compliance progress.
Supporting tooling and automation roadmaps that facilitate compliance activities and lead to reducing the disruption of audit events.
Contributing to the improvement of the DataDome Real-Time Bot Protection solution.
Requirements:
You believe in the importance of a risk-based approach to defining and maintaining security objectives, policies and procedures for succeeding in your mission.
You have a real understanding and experience in Cloud security (AWS or GCP)
You are really interested in technical topics, you know how Internet works.
You know industry compliance (SOC2) and/or security standards including (CIS benchmark).
Strong written and verbal communication skills in French and English.
Bonus:
Your skills are recognized by a certification CISSP, CCSP, ISO 27001 Lead Implementer or Auditor, EBIOS Risk Manager, Risk Manager ISO 27005
You are able to be “hands-on”.
What we offer if you join our team :
- A stimulating work environment with passionate individuals and a talented R&D team creating innovative solutions, making DataDome one of the strongest performers in the bot protection industry.
- A multicultural and diverse team with almost 13 different nationalities in the office!
- A joyful workplace with many events throughout the year: annual offsite, summer and Christmas parties; one thematic aperitif per month, breakfast every Friday morning...
- Remote friendly work environment: Tailor-made work from home policy and joyful workplace located in Paris close to Opéra station!
- A Swile card and Alan Healthcare
What are the next steps?
You x Talent Acquisition Manager: first interview and cultural fit
You x the Team's Engineering Manager: technical and cultural fit + Take-home technical challenge
You x Team: Presentation and review of your "technical proposal" with the team
You x Member of the leadership team - Discussion about Datadome vision and "raison d'être" ? NOW you really met everyone
Welcome to DataDome :)
DataDome is an equal opportunity employer, and proud to be committed to diversity and inclusiveness. We will consider all qualified applicants without regard to race, color, nationality, gender, gender identity or expression, sexual orientation, religion, disability or age.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits Automation AWS CCSP CISSP Cloud Compliance Docker GCP Governance ISO 27001 ISO 27005 Machine Learning Monitoring R&D Risk assessment SOC 2 Vendor management
Perks/benefits: Salary bonus Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Cyber Security Specialist jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Product Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Malware-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs
- Open CEH-related jobs
- Open IPS-related jobs