Remote Senior Security Engineer - Paris

Description:

• As a Senior Security Engineer, you will be responsible for fostering and maintaining a good security posture on our infrastructure, application, and processes to help other teams deliver customer value on top of Voice.
• You will embed security early in the software development lifecycle by collaborating closely with engineering teams to integrate secure coding practices, automated security testing, and threat modeling.
• Your role includes developing and implementing security guardrails, ensuring developers and infrastructure teams can self-serve secure frameworks and best practices.
• You will conduct security reviews for new features, services, and infrastructure changes, proactively identifying and mitigating risks before deployment.
• The position involves designing and implementing AI-driven security solutions, leveraging machine learning for anomaly detection, threat intelligence, and automated response.
• You will develop automation to streamline vulnerability management, compliance reporting, and security operations.
• Your responsibilities include building and maintaining security-as-code templates, playbooks, and CI/CD-integrated security controls, enabling developers to securely deploy software without friction.
• You will provide internal tooling and training that empowers teams to manage security risks without needing constant security team intervention.
• Advocating for a DevSecOps culture by mentoring teams and driving security awareness across the engineering organization will be part of your duties.
• You will harden Aircall’s SaaS infrastructure by designing scalable, cloud-native security solutions using AWS, Kubernetes, Terraform, etc.
• Strengthening API security and application security by enforcing best practices for authentication, authorization, and secure data handling is essential.
• You will monitor and improve security observability, ensuring visibility across all environments through logs, alerts, and automated threat detection.
• Owning and improving incident detection and response capabilities to ensure rapid containment and resolution of security threats is a key responsibility.

Requirements:

• You must have at least 5+ years of experience in Security involving Public Clouds, preferably AWS.
• A strong development background with experience in secure coding practices is required.
• Experience with automation and AI-driven security, including ML-based threat detection and security automation tools, is necessary.
• Hands-on expertise in DevSecOps, integrating security tools into DevOps workflows (SAST, DAST, IaC scanning, runtime protection), is essential.
• You should have a shift-left and enablement-focused mindset, with a passion for making security a frictionless part of engineering workflows rather than a blocker.
• A self-service mindset is important, believing in building security guardrails and automation so developers can self-serve security solutions.
• You must be a problem-solver and automation-first thinker, constantly looking for ways to remove manual work through scripting, AI, or process improvements.
• Strong collaboration and communication skills are required to partner with developers, SREs, and product teams to drive security adoption.
• You should be a security evangelist, proactively educating teams on security risks and best practices through training, workshops, and internal documentation.

Benefits:

• Joining Aircall at this key moment offers growth and opportunities within the company.
• Work-life balance is important at Aircall, ensuring that our people matter.
• The environment is fast-learning, entrepreneurial, and fosters a strong team spirit.
• Aircall boasts a cosmopolitan and multi-cultural mindset with 45+ nationalities represented.
• A competitive salary package and benefits are provided to employees.
• Aircall is committed to diversity, equity, and inclusion, promoting active inclusion within the business to foster a strong sense of belonging for all employees.