💼 We're making the world of digital assets accessible and secure for everyone. Join the mission!
Founded in 2014, Ledger is the global platform for digital assets and Web3. Over 20% of the world's crypto assets are secured through our Ledger Nanos. Headquartered in Paris and Vierzon, with offices in the UK, US, Switzerland, and Singapore, Ledger has a team of more than 900 professionals developing a variety of products and services to enable individuals and companies to securely buy, store, swap, grow, and manage crypto assets – including the Ledger hardware wallets line with more than 6 million units already sold in 200 countries.
Reporting to the Cyber Security Operations & Engineering Senior Manager, you will be a part of Ledger's Cyber Security team.
Your mission is twofold:
- Building and driving the cybersecurity transformation by integrating secure development practices, ensuring application security via automated scanning, and collaborating closely with the Infrastructure, Engineering, and The product security (Donjon) teams.
- Running the day-to-day security operations, Endpoint Detection and Response (EDR), incident management, vulnerabilities scanners results, bug bounty management, and other operational aspects.
Your mission
- Collaborate with the Infrastructure, the engineering, and the Product Security teams to integrate security into the delivery plans, ensure early detection and mitigation of security vulnerabilities.
- Work closely with the product Security team responsible, to provide automation and tooling for product security evaluation integration in CI/CD pipeline.
- Engage in proactive security practices, including penetration testing, vulnerability assessments, and Infrastructure Security (IaC) code reviews to ensure Ledger's platforms and applications are secure.
- Participate in the design and implementation of security architectures, from the design to the risk assessment.
- Act as the primary point of contact for any security incidents, ensuring rapid response, mitigation, and post-incident analysis.
- Drive the adoption of DevSecOps culture, best practices, and methodologies across the organization, ensuring continuous security improvement.
What we’re looking for
- 5+ years of experience in information security, including 3 years of experience in cybersecurity, with a focus on DevSecOps & automation, security assessment, and cloud-native environments.
- Proficiency working in Unix/Linux environments, Git, Python, Terraform, Kubernetes, AWS cloud solutions and architectures, CI/CD tools, configuration management, etc.
- Hands-on experience with security tooling deployment, monitoring, and incident response.
- Proven track record of cross-functional work, with the ability to collaborate effectively with various teams and stakeholders.
- Excellent presentation and written communication skills.
- Ability to work autonomously, deal with ambiguity, and handle high-pressure situations.
What’s in it for you?
- Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow.
- Flexibility: A hybrid work policy.
- Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks, and drinks.
- Medical: Comprehensive health insurance policy offering extensive medical, dental, and vision care coverage.
- Well-being: Personal development, coaching & fitness with our dedicated partners.
- Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days.
- High tech: Access to high-performance office equipment and gadgets, including Apple products.
- Transport: Ledger reimburses part of your preferred means of transportation.
- Discounts: Employee discount on all our products.
We are an equal opportunity employer for all without any distinction of gender, ethnicity, religion, sexual orientation, social status, disability, or age.
#LI-HG #LI-Hybrid