DevSecOps Engineer m/f

⭐ About the team:

Made up of six subteams (Dashboard, Engine, Infrastructure, Integrations, Threat Research & Security), the DataDome tech team is spread across Europe and the US. We handle over 2 000 billion events per day giving responses within 3ms (99p). We are present in more than 25 data centers around the world, deployed using Docker.

We deploy on AWS, Scaleway, Vultr, and GCP, using Docker, Ansible and Terraform, and monitor with Grafana and Prometheus. We handle an average of  8 billion requests per day and manage more than 300 TB of data per month.

When it comes to our stack, we run real-time detection layer in Java, low latency Stream Engine running on Flink in Scala, ElasticSearch for storage, Kafka for communication between layers, HAProxy for load balancing, Symfony & Angular for our dashboards. We use Slack, GitHub, Hangouts, & StackOverflow for Teams. While previous experience in cyber is not a must, we'll pair you with mentors who will help you bridge the gaps. As #growth is part of our DNA, we’ll give you the resources and support you need to develop mastery.

You will be part of a 12 people team and we are looking for an experienced DevSecOps Engineer who will be in charge of improving our pipelines, reliability & security and providing a scalable platform to our customers.

👉 You will be more specifically in charge of things like :

• Building and maintaining Cloud infrastructure and On-Premise architecture aligning security, compliance, performance and resilience.
• Building security utilities and tools for internal use that enable the DevSecOps practices to operate at high speed and wide scale.
• Writing alerts and security as code deployments to provide protection from malicious traffic, vulnerabilities and other attack vectors.
• Developing security and compliance capabilities in support of DevOps processes.
• Creating and maintaining documentation for security systems.

Requirements

• You have been building pipelines and/or monitoring production environments for 2+ years in the cloud and/or on premises, in a Unix/Linux environments.
• Strong understanding of most widely used AWS Product and Services suite, their use cases, best practices and implementation, and approaches to take in securing such services, or similar experience in GCP
• You have a real passion for automation. You like managing all the infrastructure as a code and you know immutability principles. You have experience in putting in place security controls thanks to policies as code
• Strong understanding of security concepts, standard methodologies and how to apply them, such as OWASP top 10, public-key encryption, access credentials, certificates, TLS, data encryption, SSH, SAST/DAST, OpenID, OAuth, SAML, SSO etc
• You are ready to take, on-call duties
• You are fluent in English and french

Bonus points

• Familiarity with industry compliance and security standards including SOC2 or ISO 27001, CIS Benchmarks and NIST
• You have worked at high scale with systems like Apache Kafka, Apache Flink or ElasticSearch
• You have worked with Kubernetes and/or Jenkins (using Jenkins files)
• You understand, precisely, how Internet works

What’s in it for you?

• Flex Life: Flexible remote, hybrid or in office options, including working from our Paris office, located next to the Opera Garnier + 500€ stipend to help you set up your ideal workspace.
• Generous Health Benefits: Leading healthcare providers for each EU country (e.g. Alan in France).
• Professional Development: #Growth is part of our DNA, therefore we provide an annual stipend to invest in yourself.
• Events & Teambuilding: Feel the #TeamSpirit both virtually & onsite, with several events & workshops planned throughout the year, including two annual offsite events, summer & winter parties, lunch & learns, & much more.
• Perks: we prefer to adapt to what works best for you. Some prefer lunch on us, others prefer sports with friends, therefore we believe BotBusters should decide what works best for them.
• Parent Care: Gift & care packages for parents.
• PTO: Based on the country you are based from (e.g. 25 days in France).

What are the next steps?

• Talent Acquisition Manager will contact you for a first chat
• You will then meet with Jean-Louis (Head of Infrastructure)
• You will complete a technical test
• The final step will be a one-on-one meeting with Gilles (CTO)
• Welcome to DataDome!

What’s in it for you?

• Flex Life: Flexible remote, hybrid or in office options, including working from our Paris office, located next to the Opera Garnier + 500€ stipend to help you set up your ideal workspace.
• Generous Health Benefits: Leading healthcare providers for each EU country (e.g. Alan in France).
• Professional Development: #Growth is part of our DNA, therefore we provide an annual stipend to invest in yourself.
• Events & Teambuilding: Feel the #TeamSpirit both virtually & onsite, with several events & workshops planned throughout the year, including two annual offsite events, summer & winter parties, lunch & learns, & much more.
• Perks: we prefer to adapt to what works best for you. Some prefer lunch on us, others prefer sports with friends, therefore we believe BotBusters should decide what works best for them.
• Parent Care: Gift & care packages for parents.
• PTO: Based on the country you are based from (e.g. 25 days in France).

🦄 DataDome’s bot and online fraud protection detects and mitigates attacks with unparalleled accuracy and zero compromise. Our machine learning solution analyzes 3 trillion signals per day to adapt to new threats in real time. Hundreds of enterprises worldwide—including Reddit, Rakuten, and AngelList—trust DataDome’s solution and 24/7 SOC experts to protect their mobile apps, websites, and APIs against online fraud, ATO, carding, scraping, layer 7 DDoS, credential stuffing, and more.

A force multiplier for IT and security teams, DataDome is fully transparent, easy to deploy, and frictionless for consumers. We offer the only secure, user-friendly, and privacy compliant CAPTCHA integrated with our complete 360° bot detection solution. With 25+ regional PoPs and autoscaling technology, DataDome responds to requests with zero latency and no impact on the speed of protected platforms.

DataDome was ranked top G2 Leader in Bot Detection & Mitigation for three consecutive periods: Fall 2022-Spring 2023, was named a Strong Performer in the 2022 Forrester Wave: Bot Management, and placed 21st in cybersecurity on the Inc. 5000. Certified a Great Place to Work in the US and France, DataDome’s dedicated team of 160+ BotBusters spans the globe as far as its high-profile customer base.

DataDome is an equal opportunity employer, and proud to be committed to diversity and inclusion. We will consider all qualified applicants without regard to race, color, nationality, gender, gender identity or expression, sexual orientation, religion, disability or age.