Senior Security Engineer
Salary
Skills
Location
Languages
Job Description
🎯 What you’ll own & the role
Build Security from the ground up!!
We're looking for a hands-on Senior Security Engineer who will be the driving force behind bsport's security transformation.
This is not a purely strategic role, you'll be rolling up your sleeves to implement security controls, respond to incidents, and build our security program from fundamentals.
This role is critical because:
- You'll directly protect ~10 million users' personal data.
- You'll enable our sales team to confidently answer security questionnaires as we pursue enterprise clients.
- You’ll work in the SRE team, with close collaboration with SWE teams and exposure to most if not all department leaders.
- You'll reduce business risk in a fast-scaling environment where security incidents can damage trust and revenue.
What you'll do?
🛠️ Hands-on Security Engineering (60%)
Drive and maintain top-notch security across our platform:
- 🔒 Harden AWS infrastructure, Kubernetes clusters & app security.
- ⚡ Implement automated scanning (SAST/DAST) & dependency checks.
- 🛡️ Strengthen authentication & identity management (SSO, MFA, Google Workspace)
- 🕵️♂️ Set up vulnerability management & alerting integrated with engineering sprints.
- 🚨 Respond to security incidents, create runbooks & support customer security requests.
👥 Security Culture & Training (40%)
Promote a strong security mindset across the company:
- 🎓 Build engaging, role-specific training & run phishing simulations.
- 💻 Define & enforce hardware & endpoint security standards.
- 🤝 Develop a network of security champions & self-service guides.
- 📜 Create pragmatic policies & governance that balance security with business needs.
🧰 Stack:
- AWS
- Infrastructure as Code: Terraform, Helm
- Container orchestration: Kubernetes, Docker
- Monitoring: Grafana, ELK stack
- Backend: Python Django, FastAPI, Celery
- Frontend: React, TypeScript
- Databases: PostgreSQL, Redis, RabbitMQ, Kafka
- CI/CD: GitLab CI, ArgoCD
🦄 You might be a great fit if:
- 5+ years in security engineering, infrastructure security, or security software engineering roles.
- Strong hands-on experience with AWS or GCP security (IAM, security groups, WAF, etc.).
- Deep understanding of application security (OWASP Top 10, secure coding, API security).
- Experience building security programs from scratch in fast-growing startups or scale-ups.
- Proven track record in incident response and handling data breach scenarios.
- Good programming skills (at least one of Python, Typescript, Golang)
- Experience with infrastructure security (Kubernetes, container security, IaC security)
- Prior experience training employees on Security.
Nice to have:
- Experience with GDPR compliance and data protection regulations.
- Background in penetration testing or offensive security.
- Familiarity with our tech stack (Django, React, PostgreSQL, Terraform)
- Experience responding to security questionnaires for enterprise sales.
- SOC2 or ISO27001 implementation experience.
What we offer
🌅 Vibrant office in Barcelona - Passeig St. Joan with free drinks and snacks to fuel your mornings and recharge during breaks.
🤸♀️ Flexible working model, hybrid setup with 2 remote day per week, plus 15 extra remote days per year.
💌 Health insurance fully covered by the company.
🏋🏽♀️ Negociated gym deal with Wellhub: get access to a wide range of gyms, studios, and wellbeing apps.
🌍 A diverse, collaborative workplace, join an international team!
🛏️ Feel supported with paid sick leave, because your health always comes first.
Hiring Process
- 👋🏼Interview with Talent
- 🧑🏽💻Live Coding
- 🔐Security case study
- 🤝 Cultural fit
Location
Paris, France