Le télétravail est-il possible pour ce poste ?

Le télétravail est autorisé pour ce poste.

Quel est le type de contrat pour ce poste ?

Le contrat pour ce poste est de type {contract_type}.

Lead Security Engineer - Riot

Riot

Lead Security Engineer

Résumé du poste

CDI

Paris

Salaire : 65K à 80K €

Télétravail fréquent

Compétences & expertises

Contenu généré

Connaissances en cybersécurité

Mdm

Intercom

Postuler

il y a 4 jours

Riot

Cette offre vous tente ?

Postuler

Questions et réponses sur l'offre

Le poste

Descriptif du poste

We're a product-first team on a mission to help grow the cybersecurity culture 🔐

We want to instill cybersecurity good practices to employees in a way that's actually effective, and entertaining enough so that employees don't feel like they're working. Think Duolingo but for cybersecurity.

We created a platform to easily rollout a cybersecurity awareness program: the platform sends chat-based 4-minutes long courses to teams. Following the courses, the other side of the platform simulates phishing attacks, to prepare employees to face hackers — but in a safe environment.

Created in 2020, Riot has raised $30m with leading investors (Y Combinator, Left Lane, Base10, Funders Club and Frst Capital) and is now protecting more than 1 million employees in over 1,500 companies (including Intercom, Deel, and Deezer) all over the world.

Cybersecurity is everywhere. It's impacting everyone, everyday, and it's becoming the number one risk to any organization, whether it's a small business or a big firm. Yet, the cybersecurity culture in most companies is a disaster. Hackers are leveraging this by targeting the weakest link: the employees. We're on a mission to fix that.

As the first Security Engineer in our organization, you will lead and define our security strategy across IT management, security programs, compliance, and application security (AppSec). You will play a crucial role in ensuring our infrastructure, software, and processes are secure, scalable, and compliant with industry standards. This is an opportunity to establish and drive security initiatives from the ground up in a dynamic cybersecurity environment.

What you will do 🤝

- Lead security initiatives like bug bounty, penetration testing, app monitoring, dependency management, and secure IaC with DevOps.

- Maintain SOC2 compliance, implement ISO27001, and manage audits and third-party security reviews.

- Embed security into development workflows, fix vulnerabilities, and deploy AppSec tools and processes.

- Manage IT operations including MDM, employee access, and infrastructure security controls.

Who you are 🪪

Experience: 3-7 years experience in security engineering or software engineering.

Familiarity with SOC2, ISO27001, and compliance frameworks.

You have hands-on experience with bug bounty programs, penetration testing programs, and vulnerability management.

You have strong communication and ability to work collaboratively with engineering and cross-functional teams.

You have a full professional proficiency in English and native in French

You're based in Paris or you're willing to relocate

It will be a cultural fit if 🫂

You're a doer: not afraid to get your hands dirty and get things done

You have high standards: expect performance to be nothing short of the best

You are an enthusiastic at heart: exhibit passion and excitement over work

Why join us at Riot 💜

Join a healthy-financial company: we already are break-even, fundraising helps us to accelerate our scale!

Contribute to a fast-moving environment where growth is real—our revenue grew by an impressive 2.5x in 2024!

Experience the energy of a collaborative team in our modern and cosy office located in heart of Paris: Le Marais

Recruitment process 🎙️

First call with the software engineer currently leading the security effort (30min)

Onsite case study with the CTO (2hr)

At RIOT, we believe that diversity drives innovation and inclusion fosters belonging. We are committed to building a team that reflects a wide range of perspectives, backgrounds, and experiences. We welcome candidates from all walks of life and are dedicated to creating an environment where everyone feels valued, respected, and empowered to thrive.

Please note that this is an on-site position with up to 2 days per week of remote work.

Envie d’en savoir plus ?

Rencontrez Alexandra, Senior Account Executive

Découvrez l'entreprise

Explorez la vitrine de l’entreprise ou suivez-la pour savoir si elle vous correspond vraiment !

Explorer l’entreprise

Ils sont sociables

L'entreprise

Riot

SaaS / Cloud Services, Cybersécurité

75 collaborateurs

Créée en 2020

Âge moyen : 28 ans

25%

75%

Qui sont-ils ?

We want to encourage employees to adopt better cybersecurity practices in a way that’s actually effective, and entertaining enough that the training doesn’t feel like work. Think Duolingo, but for cybersecurity.

We created a platform to roll out a cybersecurity awareness program quickly and easily by sending short conversations of just 3-4 minutes. The platform also simulates phishing attacks to prepare employees to face hackers in a safe environment.

Cybersecurity impacts everyone, every day, and is now the number one risk to any organization, from small businesses to big firms. And yet, in most companies the cybersecurity culture is non-existent. Hackers know this, and they’re taking advantage by targeting the weakest link: employees. We’re on a mission to fix that for good.