Senior Security Engineer SDLC

Ledger
Paris, France
Full time
Hybrid

Overview

Department

IT

Job type

Full time

Compensation

Salary not specified

Location

Paris, France

Company size

Mature [ 50+ employees ]

Define and promote secure software development best practices across engineering teams, ensuring compliance with security standards. Build and maintain security tooling to support automated analysis and vulnerability detection.

Requirements

  • Strong experience with secure software development processes and practices (e.g. threat modeling, secure coding, security testing).
  • Practical experience implementing and managing security tooling in a CI/CD environment.
  • Experience writing or maintaining security-related documentation and standards.
  • Familiarity with modern software delivery practices (e.g. GitOps, infrastructure as code).
  • A pragmatic mindset focused on enabling developers rather than blocking them.
  • Prior experience working with or managing secure release models is a plus.
  • Good understanding of risk assessment and software architecture security.
  • Proficiency in scripting and automation (Python, Bash, etc.).
  • Familiarity with code analysis tools (linters, SAST, dependency scanners like Snyk or Trivy).
  • Understanding of common software vulnerabilities (e.g. OWASP Top 10) and how to prevent them.
  • Experience with GitHub workflow and build systems.
  • Knowledge of secure release workflows (signing, approvals, reproducible builds).
  • Experience in C, Rust, Scala, or embedded environments is a plus.
  • Basic knowledge of cryptography and secure communications protocols is a plus.

Responsibilities

  • Define, document and promote secure software development practices across Ledger’s engineering teams.
  • Build and maintain security tooling to support automated analysis, vulnerability detection, and enforcement of secure coding standards.
  • Drive the adoption of security checks and controls in the CI/CD pipeline (e.g. linters, SAST, dependency scanning).
  • Own and improve our quorum-based release security process, ensuring that only reviewed, signed, and approved builds can be released to production.
  • Provide guidance and support to developers on secure design and implementation decisions.
  • Contribute to the definition and implementation of internal security standards, guidelines, and checklists.
  • Partner with the Product Security, Donjon, and Software teams to ensure security is a shared responsibility throughout the SDLC.
  • Monitor industry trends and adapt internal practices to evolving threats and technologies.
  • Help ensure compliance with internal and external security requirements (e.g. certifications, audits).

Benefits

  • Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow.
  • Flexibility: A hybrid work policy.
  • Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks.
  • Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage.
  • Well-being: Personal development, coaching & fitness with our dedicated partners.
  • Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days.
  • High tech: Access to high performance office equipment and gadgets, including Apple products.
  • Transport: Ledger reimburses part of your preferred means of transportation.
  • Discounts: Employee discount on all our products.