Security Engineer

✨ About Diabolocom ✨

Diabolocom empowers organizations worldwide to build brand loyalty and drive sales growth. Our innovative cloud-based solution leverages proprietary AI technologies to optimize contact centers of medium to large sizes, enabling efficient management of customer interactions across all communication channels. As a telecom operator, we ensure premium voice quality, efficient handling of high call volumes, and provide phone numbers worldwide.

Our comprehensive range of AI services, specifically designed for customer relations, elevates data quality and automates tasks. These services, fully integrated into our cloud contact center solutions, are also accessible through APIs in multiple languages.

We empower Customer Service and Sales teams to effectively handle all inbound and outbound interactions thanks to our state-of-the-art dialer. Our solution seamlessly integrates with leading CRMs and offers real-time monitoring and analytics capabilities.

Diabolocom, with offices across Europe, the USA, Brazil, and the UAE, proudly serves 350+ clients, with agents operating from 60+ countries.

👤 About You 👤

To sustain the company's growth, we are creating the position of IT Security Engineer to work directly with our CISO to enhance the Security Team.

At Diabolocom, you will:

Be the second person of a growing security team and work directly with our CISO on the following topics:

• Maintaining and continuously improving our security practices, processes, technical procedures, internal documentation.
• Keeping up to date with the evolving threat landscape.
• Compliance activities with our existing PCI DSS and future (SOC2, ISO27001) certifications.
• Automation: Developing appropriate tooling and scripts for scaling security operations and compliance activities.
• Security culture and awareness across tech and non-tech teams (trainings, security champions, communicating best practices, technology watch).
• Security architecture: being security referent for product & infrastructure security decisions.
• Internal security assessments and audits (configuration, vulnerabilities, access rights, internal red team).
• Vulnerability management: supporting tech teams in identifying and correcting vulnerabilities (on-prem and cloud deployments).
• Application security: CI/CD security pipelines, SAST, DAST, image scanning, code reviews, secure coding training.
• Infrastructure security: IaaC, configuration hardening, BC/DR plans and IAM.
• Security incident detection & response in collaboration with our managed Security Operations Center service and DevOps teams.

🌟 What We Are Looking For 🌟

• Engineering school with a specialization in IT security or equivalent experience.
• Understanding of topics related to technical architectures, cloud technologies (APIs, databases, microservices), desktop environments and how to secure them.
• Knowledge of at least one scripting language like Python to automate operations where possible.
• Passion for tech and cybersecurity and willingness to learn and grow in these areas, challenge-driven.
• Strong interpersonal skills, ability to listen to, understand and propose solutions to complex problems, teaching people and working in a team.
• Autonomous, precise and rigorous.
• You are comfortable in a scale-up culture, with an organization that leaves plenty of room for personal initiative.
• Excellent oral and written communication in English, and ability to summarize.

Previous experience in some or all of the following will also be highly appreciated:

• Infrastructure as Code (IaaC): ansible, terraform, gitops, vault…
• Container and virtualization technologies (kubernetes, docker), on premise infrastructure, Linux systems and how to secure such deployments.
• Working as security engineer / devsecops in tech startups or scale-ups.
• Building security CI/CD pipelines and automations.
• Working with a SOC/SIEM and EDR, performing incident response.
• Penetration testing and red teaming.
• Any security certifications like OSCP, OSEP, CPTS, ISO 27001 LI, CISSP, AWS Solutions Architect/Security…
• Work experience with one of the following certifications: PCI-DSS, HDS, ISO 27001 or SOC2.
• Any public contributions, open source projects, CTF profiles (HackTheBox, root-me, etc…), blogs, research or achievements you’d like to share.

🎁 What’s In It For You? 🎁

• You’ll have a multi-day onboarding to get to know our product, our teams and our culture!
• You’ll have the chance to work in a multicultural environment with colleagues coming from 5 different countries and 10 different nationalities 🇨🇵🇩🇪🇪🇦🇮🇹🇬🇧.
• You’ll have first-choice IT equipment.
• Our office is based right in the heart of Paris, 100 meters from the Opera Garnier!
• Remote friendly.
• Lunch vouchers: Swile card.
• Team building events: Athens, Meribel, Ibiza, Porquerolles… what’s next? 😎
• Be part of a company at a key moment of its growth, with lots of opportunities 🚀.
• You’ll be lucky to join a team that is big enough to thrive but also small enough to actually have an impact on the success of the organisation!
• A context to work in where your ideas are listened to and valued, and in which you can easily contribute and make a difference.
• We offer opportunities to learn and grow.

📅 Recruitment Process 📅

• Call or visio with a Talent Acquisition Manager (30 minutes).
• Technical visio with Kevin, Head of IT Security (1h30).
• Live exercise (1h30).
• On-site or visio with Sergey, CTO and Kevin, Head of IT Security (1h).

At Diabolocom, diversity and inclusion are in our DNA. All qualified applicants will receive equal consideration for employment without regard to color, language, religion, sex, sexual orientation, gender identity, national or social origin, opinion, disability, age.