Security Engineer (Devsecops & Incident responder) - Contentsquare Barcelona Bookmark Share Print 342 0 1

Listing Description

Contentsquare is a global digital analytics company empowering the brands you interact with every day to build better online experiences for all. Since our founding in France in 2012, we have grown to be a truly global and distributed team – known as the CSquad – representing more than 70 nationalities across the world.

In 2022, we raised $600M in Series F funding and were recognised as a certified Great Place to Work in France, Germany, Israel, US and UK.

Please Note: Scammers are posing as Contentsquare and Contentsquare team members. We’ll never initially contact you via text or GChat, and never solicit money from you. Please visit our careers blog for more information.


The Contentsquare security team is looking for a focused security engineer who can take on a leadership role in responding to security issues. As such, you’ll need to have practical security experience and knowledge of the state of the art for detecting and responding to attacks. The ideal candidate will thrive in high-pressure situations and drive relevant teams to take the right decisions to mitigate the security risks in a timely manner.
As part of the Security Team, you will be reporting directly to the Senior Manager, Cyber Security. You will be working closely with our R&D team. Your main task will be to ensure the integrity of Contentsquare’s products and for keeping Contentsquare’s users and customers safe. You will work out of our Paris (Headquarters), Barcelona or Remotely.

What you will do as a Security Engineer
  • Confidently and thoughtfully respond to security incidents, and proactively consider how to prevent the same type of incidents from occurring in the future
  • Design and coordinate cohesive responses to security events that involve multiple teams across the organisation
  • Develop security utilities and tools for internal use that enable you and your fellow Security Engineers to operate at high speed and wide scale
  • Design and maintain a portfolio of security alerts, automated actions and escalation workflows in support of an impactful 24/7 incident response capability
  • Improve the ability to respond to threats by leading new technology selection, configuration, internal product development, obtaining-buy-in, and implementations with a heavy emphasis on automation
  • Evaluate the impact to the organisation of current security trends, advisories and public exploits. Coordinate responses as necessary across affected teams to do the right thing for our customers and our organisation
  • Handle and extend our security detection capabilities (SIEM, WAF, honeypot, open source tools)
  • Constantly audit our technical platform and application to ensure the follow-up of security best-practices and identify security misconfigurations
  • Recognize, embrace and share the best practices on security engineering fields throughout the organisation: development, network security, application security, cryptography, security operations, incident responses
  • Communicate efficiently (in English) at multiple levels of sensitivity and multiple audiences
  • Fulfil regular on-call responsibilities
  • Establish metrics that demonstrate continuous improvements of the Security Incident Response Engineering capabilities and execute on your proposed strategy for improvements

    • What you will need to succeed in this role
  • 2-3 years of previous practical experience on Security Operations, especially experience coordinating responses to security incidents
  • Experience in building effective partnerships with internal customers
  • Experience building out detection and response programs for a SaaS or cloud-native company
  • Solid experience with developing security toolings and integrating security layers to Devops pipelines
  • Extensive knowledge of web protocols, security issues, common attacks, Linux/Unix tools, cloud architectures and threat landscape
  • Expertise with Security Information and Event Management (SIEM), such as: Wazuh / OSSEC and ELK
  • Familiarity with incident platforms, e.g. PagerDuty, TheHive
  • Deep knowledge of our technical stack and how to secure it :
  • AWS and Azure
  • Kubernetes / Docker
  • Ansible, Terraform
  • Datadog ASM as WAF
  • Github Action, Jenkins
  • Solid scripting skills: shell, python
  • Nestjs, Vuejs, Angular
  • Solid understanding of security concepts, standard methodologies and how to apply them, such as SSH, public key encryption, access credentials, certificates, TLS, data encryption, OWASP top 10
  • Analytical skills, Autonomy and Accountability
  • Fluent in english (French is a plus)
  • Solid understanding of MITRE ATTACK, NIST or similar threat frameworks is strongly preferred
    • Why you should join Contentsquare:


    ▪️ We’re humans first. We hire dedicated people and provide them with the trust, resources and flexibility to get the job done.
    ▪️ We invest in our people through career development, mentorship, social events, philanthropic activities, and competitive benefits.
    ▪️ We are a fast growing company with a track record of success over the past 10 years, yet we operate with the agility of a startup. That means a huge chance to create an immediate and lasting impact.
    ▪️ Our clients, partners and investors love our industry-leading product.

    To keep our employees happy and engaged, we are always assessing the benefits/perks we offer to ensure we are competitive. Here are a few we want to highlight:


    ▪️ Virtual onboarding, Hackathon, and various opportunities to interact with your team and global colleagues both on and offsite each year.
    ▪️ Work flexibility: hybrid and remote work policies.
    ▪️ Generous paid time-off policy (every location is different).
    ▪️ Immediate eligibility for birthing and non-birthing parental leave.
    ▪️ Wellbeing allowance.
    ▪️ Home Office Allowance.
    ▪️ A Culture Crew in every country to coordinate regular outings such as game nights, movie nights, and happy hours.
    ▪️ Every full-time employee receives stock options, allowing them to share in the company’s success.
    ▪️ We offer many benefits in various countries -- ask your recruiter for more information.

    We are a 2023 Circle Back Initiative Employer – we commit to responding to every applicant

    Contentsquare is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to sex, gender identity, gender expression, sexual orientation, race, color, religion, national origin, disability, protected veteran status, age, or any other characteristic protected by law.

    Your personal data is used by Contentsquare for recruitment purposes only. Read our Job Candidate Privacy Notice to find out more about data protection at Contentsquare and your rights. You can exercise your rights by using our dedicated Data Subject Rights Portal here

    Your personal data will be securely stored in our hosting provider’s data center in Oregon (US west). We have implemented appropriate transfer mechanisms under applicable data protection laws.

    Listing Details

    • Citizenship: Not Provided
    • Incentives: Not Provided

     

    • Education: Not Provided
    • Travel: Not Provided
    • Telework: Not Provided

    About Us

    NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

    Useful Links

    Our Contacts

    1765 Greensboro Station Pl.
    Suite 900
    Tysons Corner Va 22102

    (703) 594-7765

    requests@ninjajobs.org
    www.ninjajobs.org
    Chat with us!