Minimum of 5 years of incident response experience with leadership in critical incidents.
Strong expertise in cloud security, Infrastructure as Code (Terraform), and Python scripting.
Proven skills in digital forensics and log analysis, with familiarity with tools like Datadog.
Excellent leadership and communication skills to coordinate cross-functional teams.
Key responsibilities:
Lead and manage complex security incidents from detection to resolution.
Coordinate with various teams during critical incidents to ensure effective mitigation and recovery.
Develop and improve incident response procedures, playbooks, and escalation processes.
Design and lead crisis simulation exercises to test incident response readiness.
Swile is the 1st card that brings together all of your employee benefits: meal vouchers, gift vouchers, commuter benefits... as well as an exclusive app for team life which includes collections, team events, P2P payments and more!
Swile is first and foremost a meal voucher card unlike any other. Spend what you want where you want, checking out has never been so easy! There are numerous personalized options so that your Swile card fits your lifestyle. It also works with Apple Pay and Google Pay.
Swile also caters to gift vouchers. Whether online or in your local shop, Swile has you covered. With our deals and discounts feature, find sales all year round for your favorite brands. How about cultural events? With Swile, you have access to a vast ticketing network (theaters, cinemas, amusement parks, trips or hotels).
On top of that, Swile has an app to celebrate all moments of team life thanks to our engagement features: 100% free collections (zero commission, exclusively at Swile), ultra-fast refunds between colleagues, bill sharing, instant messaging and event planning.
Every day, every moment, give employees the Swile.
At Swile, we believe that effective products contribute to reducing daily professional friction and enhancing employee satisfaction. We offer innovative solutions in Fintech, Travel, HR, and Employee Benefits to over 6.5 million users across 85,000 companies in France and Brazil.
We are establishing a new and important role within our Cybersecurity department for a Senior Security Engineer - Incident Response. This position is a priority, designed to significantly strengthen our capabilities in detecting, responding to, and recovering from complex security incidents. Given the current number of N3 incidents, this role is essential for maintaining our security posture and ensuring business continuity.
🦾 Key Responsibilities
As a Senior Security Engineer specializing in Incident Response, you will be central to our incident handling efforts, applying your technical expertise and leadership. Your responsibilities include:
Incident Response & Forensics Leadership:
Leading N3 Incident Response: Managing complex security incidents from detection to resolution, including in-depth investigations and digital forensics (SOC investigation forensics).
Driving Mitigation & Recovery: Coordinating and leading cross-functional teams (including Development, Engineering Managers, Support, Security, and Legal) during critical incidents. Ensure timely containment, eradication, and recovery by guiding teams to stop the incident, perform forensics, and apply necessary patches.
Post-Incident Analysis & Follow-up: Conducting thorough root cause analysis, ensuring effective patching and remediation, and diligently following up to confirm long-term resolution and stakeholder awareness. Address current challenges in follow-up due to operational demands.
Process Improvement: Developing, refining, and documenting incident response procedures, playbooks, and escalation paths for increased efficiency.
Crisis Exercises: Designing and leading crisis simulation exercises with various scenarios to test and improve our incident response readiness.
Proactive Security & Cloud SecOps:
Cloud Security Tooling: Building and implementing robust cloud security tools and infrastructure to proactively prevent incidents when not actively responding.
Security Architecture & Best Practices: Contributing to architecture design reviews, promoting secure design, and ensuring secure deployment and maintenance of cloud architectures.
Automation: Improving and automating detection and response mechanisms.
Compliance: Actively contributing to the team's objective of achieving ISO 27001 compliance, focusing on incident response and cloud security.
Security Operations Enhancement: Collaborating with the Security Operations Center (SOC) to optimize log analysis (using tools like Datadog) and enhance overall detection capabilities.
✨ It will be a good fit if you have
Incident Response Experience: A minimum of 5 years of hands-on experience in incident response, with a track record of leading critical incidents end-to-end. We value leadership in guiding diverse groups towards incident mitigation.
Technical Expertise in Cloud Security: Solid expertise in cloud security (CloudSec), Infrastructure as Code (Terraform), and Python for automation and scripting. Experience with cloud environments (AWS/Kubernetes is an asset).
Digital Forensics & Log Analysis Skills: Proven experience in digital forensic investigations and proficiency with various log analysis and forensics tools. Experience with Datadog is a nice plus.
Leadership & Communication: Ability to lead and coordinate large, cross-functional teams under pressure. Clear verbal and written communication skills are important for conveying technical issues to all stakeholders.
Proactive & Structured Approach: Ability to work autonomously on building new tooling, documentation, and procedures when not actively responding to incidents.
📓 One thing worth mentioning
We welcome individuals with entrepreneurial backgrounds as well as those from established organizations. At Swile, we believe that delivering impactful products requires engineers to understand the needs of users and clients as well as the code itself.
⚒️ Our tech stack
You do not need to be familiar with our technical stack or any specific functional area, but we value a strong willingness to learn and adapt quickly.
Impactful Role: A key role in a dynamic cybersecurity environment within the financial sector, addressing important challenges related to finance and fraud.
Collaborative Environment: Work within a scale-up culture with fewer silos and a focus on collaboration, where team members are engaged and interested in security.
Cloud-Native Focus: Opportunity to work with modern cloud environments and current security practices.
Growth Opportunities: Professional development and career progression opportunities within a supportive team.
Compensation: A competitive salary and benefits package.
Required profile
Experience
Level of experience: Senior (5-10 years)
Industry:
Financial Services, Foodtech: Food + Technology
Spoken language(s):
English
Check out the description to know which languages are mandatory.