Lead Security Engineer

Paris, France

Full Time Senior-level / Expert USD 112K - 150K *

Netatmo

Discover the comfort of a smart home with Netatmo connected devices: Thermostat, Security Cameras, Weather Station, Video Doorbell…


Company Description

What do we do? 🚀

We develop groundbreaking, intuitive and beautifully-designed connected consumer electronics. Truly smart, our innovative products provide a seamless experience that helps users create a safer, healthier and more comfortable & eco-friendly home.
We carefully design the mechanics, electronics and embedded software of all our products to the highest standards. Our mobile and web applications are designed to be simple to operate, yet deliver a rich user experience.

We also collaborate with strategic partners to revolutionize your home: Velux (windows), Muller (electric radiators), Engie, Vaillant (boilers).

Since November 2018, Netatmo has been part of the Legrand group, a global leader in electrical and digital infrastructure for buildings, with millions of users all over the world.
We continue to develop our brand and products autonomously.

Who are we? 🧑‍🤝‍🧑

Netatmo is first and foremost the story of talented people coming together and working on a common project. Our purpose is not only to create beautifully designed products but also to build a beautiful company.
We look to create a real community that shares more than just work projects, because everyone's fulfillment is essential to us and creativity isn't always born behind a desk.

Job Description

What is the mission of the Security Team:

Ensure that our IoT products are conceived, developed, and maintained following the best security practices.

Constantly raise the bar for security.

Make the “security by design” motto part of the DNA of the other R&D teams in the Legrand Group.

 

In Netatmo’s Security Team, your main challenges will be to:

Work together with all R&D teams (apps, embedded, backend, frontend, ...) to design and help build the security-critical features for the future products and the software platform of Netatmo and the Legrand group. Implement secure protocols and other security-sensitive code or configuration.

Ensure R&D teams and Legrand’s products meet our security standards, procedures, and requirements by evangelizing to and coaching the developers.

Perform specification and code reviews with a strong focus on potential security issues.

Perform and/or organize security audits of products, network, services and applications on-demand, before and after release.

Identify security issues yourself, via audits/penetration tests or via our vulnerability reporting program, and provide the relevant remediation recommendations.

Create and/or deploy specialized tools/automation for internal use, such as:

  • Automated audits:
    • Vulnerabilities on multi-cloud platform.
    • Configuration and compliance
    • Vulnerability assessment and code audit for C/C
  • Qualify and security tools to improve our covered scope such as WAF, SAST, DAST, SIEM, …

Contribute to and implement ISO27001 processes.

Be a privileged contact inside the Legrand group for all security-related subjects.

Manage & provide mentorship to other members of the security team.

 

Even if you don't tick all the boxes, we'd like you to apply:

We are a growing team of three involved in a lot of different topics, and we are looking for profiles across a very wide spectrum. Being able to cover a sub-range of this spectrum makes you perfectly suitable to join the team. The most important criterion is to be curious, eager for new challenges and passionate about security. We try to maintain a high level of communication and exchange in the team to cross-pollinate knowledge, practices, and skills between members.

So if you are curious, enthusiastic and ready for a challenge, join us!

 

If you are curious, here is a little glimpse of our technical environment:

Netatmo R&D covers all aspects of creating a product, from electronics and mechanics to embedded software, mobile applications, servers and production. Below is the main stack of each team:

Embedded software: FreeRTOS, Linux, Android, lwIP, C, C++, Java, Secure Element, …

Radio technologies: Proprietary sub-GHz radio protocol, Wi-Fi, BT, BLE, Zigbee, NFC, …

Mobile Application: Objective-C, Swift, Java, Kotlin, JavaScript, …

Servers: Azure, AWS, OVH, MongoDB, Kafka, ELK, Docker, NodeJS, PHP, …

Security tools: Tenable.io, Polyspace, Burp, …

Qualifications

YOU’RE THE PERFECT MATCH IF… 🎯

You already have management experience.

A strong focus on preserving user privacy and ensuring information security.

A pragmatic mindset and critical eye to create very secure products providing the best user experience.

A willingness to take the initiative to make the security of our products better.

The empathy to turn “someone else’s problem” into “your problem”.

Someone flexible, curious, able to work with input from various engineering domains, and with a strong team spirit.

Experience in system administration, software development or security audits.

A strong understanding of security and privacy issues, such as the most common threats and vulnerabilities, their impact and how to mitigate them.

Knowledge of how to use and apply the most common cryptographic algorithms and protocols.

Some background in software system architecture is a plus.

Additional Information

Some of our perks 💪

Activities

  • During your breaks, play ping-pong 🏓 and babyfoot like a boss
    Every day we have sports activities for you (⚽, 🏀, 🧘, running, spikeball, ultimate, climbing, ...)
  • Showers at the office 🚿
  • Play board games, sing with the choir 🎤 or play music (🎹,🎸)
  • Party with your colleagues 🥳 (afterworks, karaoke, boss BBQ, Xmas party...)
  • We offer time so you can participate in meetups and technology or business conferences, or teach at your previous school 📖


I already want to be part of Netatmo but please tell me more

  • Get an example of each Netatmo product for beta tests 💰
  • CSE Xmas gift 💰
  • Dedicated parking for your car and bike 🚗 and 🚴‍♂️
  • Discounts on our partners' products: boilers, electric radiators, electrical appliances 💰
  • Amazing offices with a rooftop and a view of the Eiffel Tower 🗼
  • 2 remote working days per week on average
  • Internal mobility 
  • Flexible working hours ⏱️
  • Alan health coverage 👩‍⚕️
  • Ticket Restaurant 🍽️

* Salary range is an estimate based on our salary survey 💰

Tags: Android Audits Automation AWS Azure C C++ Cloud Compliance DAST Docker ELK ISO 27001 Java JavaScript Kotlin Linux MongoDB Node.js PHP Privacy R&D SAST SIEM Vulnerabilities

Perks/benefits: Conferences Flex hours

Region: Europe
Country: France