Does this position allow remote work?

Yes, fully remote work is allowed for this job.

What type of contract is offered for this position?

Type of contract for this position: {contract_type}

Staff Security Engineer – Back Market – Permanent contract

Back Market

Staff Security Engineer

Job summary

Permanent contract

Paris

Salary: Not specified

Fully-remote

Skills & expertise

Generated content

Communication skills

Golang

Kubernetes

Python

Circleci

Apply

18 hours ago

Back Market

Interested in this job?

Apply

Questions and answers about the job

The position

Job description

Hi, we’re Back Market.

We’re here to help make tech reliable, affordable, and better than new. We're a global marketplace for refurbished devices, helping lower our collective environmental impact by providing trustworthy, affordable tech with 92% less carbon emissions than new.

Yep, you read that right. Turns out refurbished tech is way better for the planet than new. In fact, With every device purchased on Back Market, our positive impact on the planet grows. From our Customer Care representatives to our software engineer, every individual at Back Market cuts the planet — and consumers — a break. Our mission is simple: to do more with what we already have.

Are you ready to join us?

As a Staff Security Engineer within our CyberSecurity Tribe, safeguarding Back Market's information assets stands as the primary objective. Our SecOps team manages both Security Architecture & Engineering topics, as well as actively monitoring, responding to, and remediating incidents.

Your role is pivotal within our organization, offering unparalleled opportunities to shape not only our security architecture and stack but also the security of our products across our web and app environments. By joining our team, you'll be at the forefront of driving innovation in cybersecurity while contributing directly to our mission of promoting sustainability in the tech industry. This is more than just a job—it's a chance to make a lasting impact on the way technology is consumed globally

As a domain expert and advocate of cybersecurity best practices you will be :

Leading a technical focus on continuous improvement of the company's security posture, ensuring resilience to threats.

Strategically guiding and executing large, complex projects, driving technical vision and Security architecture, fostering collaboration, and effectively communicating to impact the entire organization's tech quality and growth.

Identifying blockers to organizational efficiency and effectively advocating for remediations.

Ensuring focus is on the highest impact, most critical, future-facing decisions.

Assisting managers to ensure proper delegation at all levels of the organization, appropriate decision-making, and free flow of information.

Sharing time between supporting and advising technical teams, automating and enhancing security controls, improving our security framework, mentoring fellow Security Engineers, and leading the design, build, and operation of modern security solutions that scale.

Contributing to monitoring security alerts & events to identify potential threats & incidents, investigating & analyzing security incidents to determine the extent and impact of the breach, collaborating with other teams to gather and analyze threat intelligence & maintaining and enhancing security incident detection and response procedures.

Informing and defining the best approaches to address challenges, aligning company goals and objectives with minimal effort expenditure.

What we're looking for :

You are a talented and experienced engineer, with at least 10 years experience of securing web services in dynamic cloud environments

With proven experience as a Security Engineer / SOC analyst with cross-team influence

A strong understanding of cybersecurity principles, techniques, and best practices

Acting as a role model for facilitating and balancing product and engineering concerns, including long-term sustainability

Demonstrable ability to plan & execute large, complex projects with interdependencies.

Collaborating with leaders across the company to get maximum business impact with minimum resources.

You believe in the importance of security automation following a secure development lifecycle, with the ability to develop your own scripts and tools to succeed in your mission.

Be comfortable conducting Security Requirement Analysis & propose cybersecurity architectures based on the analysis.

Threat intelligence and attack patterns expertise

Proficient in vulnerability analysis and remediation, with knowledge about setting up and tuning scanners.

Understanding of edge protection technologies including WAF, Bot management, rate limiting etc.

Familiarity with SIEM tools, network and endpoint security technologies

Passion for cybersecurity, hands-on, and eager to contribute code to our in-house modern security technologies.

You are curious, rigorous, and enjoy exploring new methods and technologies.

Transparency in communications and able to find solutions by partnering with your team when you don't have the answer.

You like to share knowledge, and make your colleagues aware of good cybersecurity practices, by supporting your proposals with concrete examples and demonstrations.

It would be a plus if your skills are recognized by a certification such as (ISC)² CISSP, CCSP or CSSLP, SANS GCTI, GDSA, CSA CCSK, BTL2 - or you are ready to obtain it in the near future.

You want to join a challenging technical environment: GCP, Kubernetes, ArgoCD, Terraform, Datadog, Cloudflare, Google Chronicle, Github, CircleCI etc., where you can spread your influence and help secure our environment.

Proficient in several coding languages such as Python, TypeScript, Golang, etc.

Great verbal and written communication skills, in English.

Interview process :

* Call with Yann one of our tech talent acquisition specialists

* Leadership interview with our engineering leadership

* Technical interview with members of the Cybersecurity team

* Technical interview : System design & API

* Team Fit interview with your Manager and one of your future stakeholder

* Value interview

WHY SHOULD YOU JOIN US ? ✌🏼

At Back Market, we’re committed to hiring and supporting diverse teams of people from all backgrounds, experiences, and perspectives — it’s one of the reasons we’re such a high-scoring certified B Corp company (93.2).

No matter your role and seniority level, you’ll enjoy impact-driven work with hands-on career development in an innovative, driven, and fast-paced environment — with benefits to match, like:

- A mission driven work environment where your day to day makes an impact on the planet. Seriously.

- Employee Resource Groups, including mentorship programs, comprehensive accessibility policies, and cultural competency training.

At Back Market, we strive to create a workplace that embodies the world we’re trying to change. We’ve embedded our diversity, equity, and inclusion principles into our DNA — from dedicated staff to employee resource groups to our company values.

We know that the perfect background for a role doesn’t mean the perfect fit — we encourage you to apply for a role even if you think you may not have all the qualifications.

If reasonable accommodations are needed for the interview process, please do not hesitate to discuss this with the Talent Acquisition Team.