Security Engineer - Governance, Risk & Compliance w/m

DataDome is one of the fastest-growing tech startups. We offer a cutting-edge technology that protects online businesses (websites and mobile applications) against advanced cyber attacks.

Based on AI & Machine Learning, our cyber-security solution can detect & block the most sophisticated bot attacks, in real-time.

We’re proud to protect more than 200 Companies worldwide, including TripAdvisor, The New-York Times, Foot locker Carrefour, BlaBlaCar, Rakuten, Veepee, Adevinta.

Our offices in Paris, New-York & Singapour gather talents coming from 13 different nationalities. We all love our ideally located & modern offices, an accessible management team, offsite events and weekly team-building initiatives, a chill room that includes football, video games and a punching bag!

DataDome is #CustomerCentric, the solution is the leader on g2.com and 100% of our customers renew their subscription year after year.

Want to play your part in the war against bad bots? Join the team and become a Botbuster!

We operate at scale and handle over 1 000 billion events per day giving responses within 3ms (99p). Currently, we are present in more than 25 data centers around the world, deployed using Docker.

This stack is currently handling 500k requests per second and manages more than 300 TB of data.

Why Join us?

You want to do practical security work in a scale-up company whose core business is cyber-security with a challenging stack in a multi-cloud environment.

Your team:

As a Security Engineer - GRC (Governance, Risks, and Compliance) focusing to preserve DataDome's information assets, customer data, DataDome employees and keeping compliance requirements .

You will be a strategic point of contact and you will work closely with information security, legal, engineering, product and human resources to improve continuously the company's security posture.

You will be more specifically in charge of:

Conducting security risk assessment and improving the process and the methodology.

Contributing to the implementation of the "security by design" pattern in projects, ensuring security action plans, measures and controls are in place in all projects.

Creating training to raise security awareness.

Maintaining security policies, procedures, action plans, performing audits and reviews, third-party & vendor management and monitoring compliance progress.

Supporting tooling and automation roadmaps that facilitate compliance activities and lead to reducing the disruption of audit events.

Contributing to the improvement of the DataDome Real-Time Bot Protection solution.

Requirements:

You believe in the importance of a risk-based approach to defining and maintaining security objectives, policies and procedures for succeeding in your mission.

You have a real understanding and experience in Cloud security (AWS or GCP)

You are really interested in technical topics, you know how Internet works.

You know industry compliance (SOC2) and/or security standards including (CIS benchmark).

Strong written and verbal communication skills in French and English.

Bonus:

Your skills are recognized by a certification CISSP, CCSP, ISO 27001 Lead Implementer or Auditor, EBIOS Risk Manager, Risk Manager ISO 27005

You are able to be “hands-on”.

What we offer if you join our team :

• A stimulating work environment with passionate individuals and a talented R&D team creating innovative solutions, making DataDome one of the strongest performers in the bot protection industry.
• A multicultural and diverse team with almost 13 different nationalities in the office!
• A joyful workplace with many events throughout the year: annual offsite, summer and Christmas parties; one thematic aperitif per month, breakfast every Friday morning...
• Remote friendly work environment: Tailor-made work from home policy and joyful workplace located in Paris close to Opéra station!
• A Swile card and Alan Healthcare

What are the next steps?

You x Talent Acquisition Manager: first interview and cultural fit

You x the Team's Engineering Manager: technical and cultural fit + Take-home technical challenge

You x Team: Presentation and review of your "technical proposal" with the team

You x Member of the leadership team - Discussion about Datadome vision and "raison d'être" ? NOW you really met everyone

Welcome to DataDome :)

DataDome is an equal opportunity employer, and proud to be committed to diversity and inclusiveness. We will consider all qualified applicants without regard to race, color, nationality, gender, gender identity or expression, sexual orientation, religion, disability or age.