Senior Security Engineer

Docebo


Job Location:

milan - Italy

Monthly Salary: € 51 - 55
Posted on: 2 days ago
Vacancies: 1 Vacancy

Job Summary

Artificial Intelligence. Actual Impact.

At Docebo were using AI to change how people learn at workand we mean actually change it. Were an AI-powered learning platform that helps organizations create deliver and manage training all in one place. But our real mission goes deeper: we help teams move faster work smarter and focus on the work that truly matters. Our platform is built with intelligent time-saving tools that personalize learning eliminate busywork and turn training from a checkbox into a superpower. The result Better experiences for learners and real results for businesses.

Were shaping the future of learning with a team that isnt afraid to challenge the status quo. If youre excited by the idea of using AI to make work-life better for real peopleyoull feel right at home here. And its not just what we build its how we show up. At Docebo our values arent just posters on the wallthey guide how we work every day. We call it the Docebo Heart: trust by default assume positive intent and create space for different perspectives to thrive.

So what are you waiting for Join 900 Docebians around the world and help us reinvent the way people learn because learning never stops.

Role Overview

The Senior Security Engineer will play a central role in securing Docebos cloud infrastructure with a primary focus on AWS environments. Working closely with Cloud Infrastructure & Operations Engineering and other security teams this role is responsible for designing implementing and continuously improving cloud security controls across all layers of the stack from infrastructure provisioning and container orchestration to runtime detection and compliance enforcement. This is a hands-on high-ownership role for someone who thinks in terms of risk and moves quickly to reduce it. The role also includes participation in an on-call rotation for security incidents affecting Docebo systems.

Responsibilities (including but not limited to):

  • Cloud Security Architecture & Hardening: Own the security posture of Docebos AWS environments. Define and enforce secure account structures service control policies (SCPs) guardrails and baseline configurations across multi-account setups. Evaluate and improve network segmentation IAM boundaries and data protection controls. Identify and remediate misconfigurations using CSPM tooling and manual review.

  • Infrastructure as Code Security: Partner with Cloud Infrastructure to integrate security controls into IaC workflows. Define guardrails to catch insecure configurations before deployment. Own security scanning in CI/CD pipelines and promote a shift-left approach to cloud security across engineering teams.

  • Incident Response & On-Call: Participate in the on-call rotation for security incidents including triage containment and escalation for after-hours events. Lead investigation and root cause analysis for cloud security incidents with clear written post-mortems. Leverage automation and AI tooling to reduce mean time to detect and respond.

  • Cloud Detection & Threat Monitoring: Build and maintain detection coverage for cloud-native threats (privilege escalation unusual API activity lateral movement data exfiltration and more). Leverage CloudTrail GuardDuty and SIEM integrations to maintain visibility across the AWS estate. Align detection logic with MITRE ATT&CK for Cloud.

  • Vulnerability & Configuration Management: Own vulnerability management for cloud workloads prioritizing findings from cloud configuration assessments and runtime protection tools. Drive remediation with Engineering and Infrastructure teams and build automated enforcement where manual review doesnt scale.

  • Identity & Access Management: Define and enforce least-privilege principles across AWS IAM service accounts and federated identity. Review and improve IAM policies permission boundaries cross-account roles and access patterns. Reduce standing access and enforce JIT access where appropriate.

  • Development of Security Best Practices: Develop and document best practices policies and procedures for cloud security. Provide guidance and training to engineering and infrastructure teams to promote a security-aware culture.

  • Vendor relationships: Maintain relationships with security vendors for technical issues ensure smooth operations of security tools and services and escalate problems or incidents to vendors when required.

What it takes to be successful:

Youre a cloud security practitioner who operates with a builders mindset. You understand AWS deeply not just its security services but how misconfigurations and design decisions create real risk. Youre comfortable reading IaC reviewing IAM policies and diving into CloudTrail logs to reconstruct what happened. You know how to work with engineering and infrastructure teams as a partner not a gatekeeper and you can communicate risk clearly to stakeholders who dont live in the cloud console. Youre comfortable being on-call and making decisions under pressure.

Additionally holding security-related certifications such as those from ISC2 ISACA SANS or CompTIA and having Cloud Architecture certifications (AWS Security Specialty AWS Solutions Architect or equivalent) will significantly enhance your effectiveness in this role.

Requirements:

  • 5 years of relevant work experience in cybersecurity with a strong focus on cloud security in production AWS environments.

  • Deep hands-on experience with AWS security services: IAM SCPs CloudTrail GuardDuty Config KMS VPC security and more.

  • Good knowledge of Kubernetes security including RBAC pod security standards network policies admission controllers and secrets management.

  • Experience with cloud security posture management (CSPM) and cloud workload protection (CWPP/CNAPP) tools.

  • Experience securing IaC pipelines (Terraform CloudFormation) and integrating security scanning into CI/CD workflows.

  • Good experience with container and image security scanning runtime protection supply chain risk.

  • Experience with SIEM and detection engineering building and tuning cloud-native detection rules threat hunting across CloudTrail and application logs.

  • Familiarity with automation platforms and AI-driven security tools to streamline detection enrichment and response.

  • Experience with Infrastructure as Code (IaC) and scripting (Python Bash or similar) to develop custom security tooling and automate workflows.

  • Strong IAM fundamentals: least privilege cross-account roles permission boundaries federated identity and privileged access management.

  • Comfortable working across Azure/GCP in addition to AWS multi-cloud exposure is a plus.

  • In-depth knowledge of information security principles and cybersecurity frameworks relevant to cloud environments: MITRE ATT&CK for Cloud CIS Benchmarks AWS Well-Architected Security Pillar NIST CSF SOC 2 ISO 27001.

  • Willingness and ability to participate in an on-call rotation including after-hours response.

  • Ability to produce clear comprehensive and well-structured documentation (e.g. incident reports architecture reviews runbooks and security standards) and to communicate complex technical issues effectively to non-technical stakeholders.

Our Hybrid Work Philosophy

Great work can happen anywhere but coming together helps us go further. Our team spends three days a week in the office (Tuesday-Thursday) to collaborate solve problems and learn from each other. With flexibility the rest of the week its a balance designed to help everyone do their best work and keep growing.

Our Total Rewards Philosophy

Our Total Rewards Philosophy centers around three core areas to reward and care for our People:

  • Rewarding Impact: We lead with competitive pay to reward the impact skills and traits that fuel our success.

  • Fostering Holistic Wellbeing: We care deeply about and invest in the whole person with programs that support our peoples physical mental and financial well-being.

  • Empowering Our Talent Culture: We build a culture of trust and empowerment by designing our rewards and benefits with transparency equity and flexibility enabling our people to do their best work and stay for the long haul.

Our Promise to You

  • Financial Wellness: Own a piece of Docebo through our Employee Share Purchase Plan (ESPP) at a 15% discount plus a competitive compensation package.

  • Your Well-Being Covered: Youll get access to health benefits so you can get the care you need when you need it.

  • Rest Relax Repeat: Rest and recharge with paid vacation days two company-wide Docebo Days floating holidays for cultural celebrations and your birthday off!

  • Family First: We provide coverage offering you time with your little one(s) so you can soak up all those precious moments. Fun fact: we had 30 Docebian babies join the family in 2025!

  • Connections That Count: Connect with global communities through our Employee Resource Groups (including PRIDE DWA BIDOC and Green Ambassadors) and company-wide events that keep the fun rolling all year long.

About Docebo

At Docebo we create seamless AI-powered learning experiences for over 3000 customers worldwide. We have successfully achieved two IPOs (TSX: DCBO & NASDAQ: DCBO) been recognized as a top SaaS e-learning solution and are growing exponentially in the process. Were a global company with office across North America EMEA APAC and beyond. Our team is guided by five core valuesGrow Together Win Together Build with Our Customer Clear is Kind Own Outcomes Progress Over Perfectionthat shape everything we do. If this resonates with you now is the perfect time to join one of the fastest-growing learning technology companies in the world.

Docebo is an Equal Employment Opportunity employer. We are committed to diversity and inclusion in our workforce. All qualified applicants and employees will receive consideration for employment regardless of their race colour religion sex (including pregnancy gender identity and sexual orientation) national origin citizenship status age disability genetic information or any other category protected under applicable law.

As a federal contractor Docebo is committed to the principles of affirmative action and equal employment opportunity for protected veterans and individuals with disabilities. Docebo does not discriminate because of protected veteran status or on the basis of disability and Docebo takes affirmative action to employ and advance in employment qualified protected veterans and individuals with disabilities.

Any individuals requiring a reasonable accommodation or would like to voluntarily disclose a disability or protected veteran status to assist with their employment application should send an e-mail to The email should also include the position youre interested in.


Required Experience:

Senior IC

Artificial Intelligence. Actual Impact.At Docebo were using AI to change how people learn at workand we mean actually change it. Were an AI-powered learning platform that helps organizations create deliver and manage training all in one place. But our real mission goes deeper: we help teams move fas...

About Company

Company Logo

Docebo’s AI-powered LMS helps world-class organizations train employees, partners, and customers on a unified platform. Create learning, grow skills, and drive business impact at global scale.

View Profile View Profile