Security Engineer (Full remote)

This year marks 10 years since we launched the idea that simplifying our customers lives is possible by offering an innovative solution that allows them to easily subscribe to manage and switch all types of contracts through a unique and intuitive platform.

In that time we have supported more than 1.5 million customers in France Spain and Italy while investing in new verticals and positioning ourselves as a highly efficient innovative and competitive scale-up in a rapidly growing market.

With over 900 employees across 3 locations we are solidifying our position as a market leader in Europe. We are always on the lookout for talent ready to join a dedicated and motivated team driven by a meaningful project. Working with us means embracing a culture of excellence innovation and real impact.

As a Security Engineer you willplay a key team role in ensuring the organisation and its technology infrastructure remain secure.

Your responsibilities :Build the Future of Our Security

Are you an ambitious hands-on security professional ready to make a tangible impact Were not just looking for someone to maintain systems were looking for a builder who will shape elevate and scale our entire security landscape. This is a unique opportunity to take ownership drive our security culture forward and protect the core of our dynamic and fast-growing business. If you thrive on challenges and are passionate about building robust security practices from the ground up we want to hear from you.

Your Mission & Impact

As our Senior SecOps Engineer you will be the cornerstone of our security operations. You will have the autonomy and support to architect and implement a robust and scalable security and compliance framework.

Key Responsibilities:

• Architect Our Security & Compliance Framework:

• Take the lead on achieving critical security certifications including spearheading our PCI-DSS Level 2 self-certification.

• Proactively map our future compliance journey by delivering a detailed gap analysis and action plan for PCI-DSS Level 1 & NIS2.

• Organize and streamline all security policies creating a single source of truth that eliminates redundancy and ensures clarity for audits and internal teams.

• Fortify Our Defenses:

• Collaborate closely with our DevOps and IT teams to embed robust security measures within our AWS cloud infrastructure CI/CD pipelines and internal systems.

• Own our vulnerability management program. This includes establishing processes documenting vulnerabilities and training the team.

• Maintain and enhance our security monitoring systems analyzing alerts and leading incident response efforts to neutralize threats swiftly.

• Champion a Security-First Culture:

• Lead engaging and effective security awareness initiatives including phishing campaigns and internal training to empower every employee to be a security advocate.

• Own and manage our security calendar ensuring the timely execution of penetration tests policy updates and compliance deadlines.

• Serve as the go-to expert for all security inquiries including handling incoming SAQs from partners and owning our BPO SAQ process.

Stack & Environnement Tech

Infrastructure & Cloud :

• AWS (ECS EKS/Kubernetes Lambda RDS ElastiCache CloudWatch ALB VPC)
• Infrastructure as Code (Terraform AWS CDK CloudFormation)
• Docker Nginx Gunicorn

CI/CD & Automation :

• GitHub Actions
• Ansible
• Bash / Shell scripting

Backend & Tools :

• Python (Django Django REST Framework FastAPI Airflow)
• Celery Redis PostgreSQL
  

Who You Are

• A Builder & a Strategist: You have proven experience in cloud security (AWS and GCP) and internal IT security with a track record of not just maintaining but actively improving security posture.

• Compliance-Savvy: You are deeply familiar with compliance frameworks like PCI-DSS ISO 27001 GDPR and ideally NIS2. You see compliance as a strategic advantage not just a checkbox.

• Technically Proficient: You possess strong skills in network security encryption vulnerability management and modern security monitoring tools. Experience with infrastructure automation and scripting is a significant plus.

• An Excellent Communicator: You can translate complex security concepts into clear actionable guidance for both technical and non-technical stakeholders.

• Ambitious & Driven: You are excited by the prospect of taking ownership and are motivated by clear ambitious goals. Relevant certifications (CISSP CEH AWS Certified Security) are highly desirable.

Your Manager

Your manager will be Andrea our Head of Infrastructure and Security. He is fully remote from Italy and is dedicated to supporting your growth and success. You will work in a collaborative environment alongside our talented DevOps and IT Ops teams.

What we offer :

Thrive in an international and inclusive environment: everyone has a place at papernest. With over 46 different nationalities its not uncommon here to start a sentence in English and finish it en français or en español

Compensation: a plan for Subscription Warrants for Company Creators (BSPCE) in accordance with company regulations as well as a Pluxee card to manage your tax level through a voluntary compensation system across different services (transportation dining and childcare).

Benefits: as a home insurance provider and a supplier of green electricity and gas we offer attractive deals to our employees. After all theres no reason why things should only be simpler for our customers!

Health: medical insurance through Alan or Sanitas to manage your healthcare expenses in an ultra-simple paperless way with up to 50% coverage by papernest (after 6 months in the company).

Meals & partnerships: a healthy breakfast offered every Tuesday as well as partnerships with various services in Barcelona (restaurants sports leisure and care centers).

Training: the development of our employees is essential. Youll have access to online training platforms dedicated to Tech. As well as Tech-Fridays twice a month a day dedicated to innovation your personal training or your technical watch.

Career Development: numerous opportunities are available for you to grow whether by deepening your expertise or exploring new paths. We support you in your professional ambitions.

Remote Work: enjoy 2 days of remote work per week to optimize your focus and efficiency.

Hiring process:

• A first call with Guillaume Talent Acquisition Partner (1h)
• Interview with Andrea Head of infrastructure and your future manager (1h)
• A technical test with a feedback interview.
• Final interview with Raphael our CTO (1h)

Interested in this challenge

Dont hesitate any longer we look forward to meeting you! Regardless of your age gender background religion sexual orientation or disability theres a place for you with us. Our selection processes are designed to be inclusive and our work environment is adapted to everyones needs.

We particularly encourage applications from women. Even if you feel that you dont meet all the criteria outlined in this job posting please know that every application is valuable. We strongly believe that diverse and varied backgrounds enrich our team and we will carefully consider your application. Parity and diversity are essential assets to our success.