Security Engineer (All genders)

  • Paris, France
  • Full-time
  • Department: Operations
  • Skills / Job Strem Ref: Corporate IT Engineering
  • Type of Contract: Permanent

Company Description

Dailymotion is the leading video discovery destination & technology that learns about your tastes over time, constantly surfacing the best, most relevant content on the web. Our mission is to provide the best video user experience for consumers on the market, connecting publishers and advertisers to engaged viewers who turn to dailymotion for their daily fix of the most compelling music,  entertainment, news and sports content around.

Through partnerships with the world's leading publishers and content creators, France Télévisions, Le Parisien, CBS, Bein Sports, CNN, GQ, Universal Music Group, VICE and more, Dailymotion commands 3 billion monthly pageviews across its mobile app, desktop and connected TV experiences. Dailymotion is owned by Vivendi, one of the largest mass-media corporations in the world.

At Dailymotion, we‘re storytellers. We build the best place for people to enjoy the videos that matter. We do this through utilizing and developing cutting-edge technology and pushing the envelope to bring discoverable stories to life through premium content from the world’s best publishers. We do this by helping these publishers grow their audiences and monetize their content, their way.

Dailymotion is proud to be an equal employment opportunity and affirmative action employer. We value inclusion and we want you to help us thrive for a more diverse community.

Job Description

Dailymotion’s Security and Privacy team is in charge of the security of both Dailymotion’s production platform, and its corporate IT environment. The team is looking for an experienced security engineer to contribute to its mission critical projects and security operations.

Within a growing security team and with large-scale production platform to defend, you’ll have opportunities for delivering exciting and impactful projects, requiring a broad range of InfoSec skills.

Responsibilities will include:

Surveillance and incident response:

  • Participate in improving our detection capabilities by developing data collection capabilities, alerting and dashboarding using our SIEM
  • Perform internal security assessments, operate our public bug bounty program
  • Contribute to security investigations related to incident response and fraud investigation

Strategy definition and security projects

  • Under the coordination of the CISO, participate in the definition of a multi-year, risk-driven security roadmap
  • Steer and deliver technical projects to participate in implementing the security roadmap, either autonomously or with support from other engineering teams

Security monitoring, vulnerability mitigation and incident response

  • Improve our security monitoring and incident detection capabilities, relying on our Security Information and Event Management System (SIEM), working with infrastructure and development teams to identify and collect relevant information from Dailymotion’s platform
  • Analyze vulnerability reports incoming from Dailymotion’s bug bounty program, and, when necessary, implement/code exploitation techniques to illustrate the risks and discuss mitigations with developers and business teams
  • In cooperation with Dailymotion’s technical teams, track the vulnerability mitigation pipeline, from impact scoring and design of the mitigation strategy to retests
  • Contribute to security investigations related to incident response and fraud investigation

Security awareness and support

  • Perform basic, internal security assessments, and security-focused code reviews for internal projects, notably to confirm vulnerability mitigations
  • Work with developers and process owners to evangelize the security culture inside the company

Incident response

  • Contribute to security investigations related to incident response and fraud investigation, develop automated routines to process large datasets to (hands-on with sed, awk, grep, python/pandas, and Splunk’s SPL)

Qualifications

  • Broad skillset in information security in particular typical web vulnerabilities – experience in consulting is a plus
  • Risk based approach, ability to understand the business stakes beyond the technical impacts
  • Experience in a least one of the following is a must have: web security (hands on), large scale, production platforms, AdTech ecosystem, Microsoft Active Directory and Azure Active Directory (environment), SIEM (Splunk, Elastic…), data privacy regulations
  • Ability to code scripts to fetch and process datasets using both sed/awk/grep toolkit (or similar) and python
  • Some knowledge and understanding of security norms and standards (ISO2700x, EBIOS, ITIL or else) will be seen as a plus
  • Great rigor: very structured approach to problems and strong attention to details
  • Fluent English (written and oral)

 

TECHNICAL ENVIRONMENT

  • PHP, Go, Python, JQuery, GraphQL, OAuth, Kubernetes, Docker, GCP, Ubuntu for production platform
  • Okta, Mac OS X, MS Windows, Active Directory, Azure Active Directory/O365, JamF, LastPass, OpenVPN for the office IT environment
  • Splunk, BigQuery, Pandas, Nessus, Suricata, OpenVPN for the Security tools

 

Additional Information

  • Location: Paris (France) - Flex Remote Policy
  • Start Date: depending on your availabilities 
  • Contract Type: Full-time and Permanent contract  

🔍 Want to learn more about us:

For French Offices 🇫🇷

🏡Hybrid Work Framework (4 types of remote work : Full office /Flex office (1/2 days remote) / Flex remote (1/2 days at the office) / Full remote + ability to work 3 month abroad)
💰  Saving Plan Vivendi 
🍼  Paternity leave or Coparental leave extended 
🕶️  Living Employee Culture (Events / Trainings / Partys / All hands / Dailymotion tradition…) 
🚀  Career development support (training / internal mobility / compensation cycle / 360 quarter feedback review …)
🏥  High-end Health Insurance and Personal Services Vouchers (CESU)
⛱️  Paid Time off – RTT and Saving time plan (CET)
✅  Meal Vouchers – Public Transport and Bike refund 
🎡 European Economic and Social Committee (sport membership/cinemas vouchers/gift vouchers/discount) 

Privacy Policy