Senior Security Engineer

Benefits

Additional Information

⭐ About the role : At DataDome, security is a core part of how we build and scale. Our security team already covers GRC, SecOps, and security leadership, and we are now looking for a senior individual contributor to strengthen the engineering-facing side of the function. As DataDome evolves from a single product into a broader platform, our security scope is expanding across product, infrastructure, internal systems, and AI-enabled workflows. At the same time, our regulatory and assurance requirements are becoming more demanding, including ISO 27001 and SOC 2. We are looking for a Senior Security Engineer with a strong technical background, able to work closely with engineering teams and bring practical security expertise to product security, cloud security, application security, secure software supply chain, security tooling, and AI security topics. This role reports directly to the Head of Security. It is a pure individual contributor position with no management responsibilities. Impact comes from technical depth, hands-on execution, and cross-functional influence. 👉 You will be more specifically in charge of things like... Product, cloud, and application security Contribute to architecture, design, and implementation reviews for new features, services, platform changes, and cloud initiatives. Support pragmatic threat modeling and secure-by-design practices across APIs, services, data flows, workloads, and platform components. Advise engineering teams on application security, cloud and infrastructure security, and secure software supply chain topics. Help teams make sound security trade-offs and support remediation on complex or high-priority topics. AI security and enablement Contribute to the security of AI-related product capabilities, including model, pipeline, data flow, and integration considerations. Assess technical security risks related to internal AI usage, including data exposure, acceptable use, and vendor-related concerns, in partnership with the GRC function where relevant. Identify practical opportunities to leverage AI in security workflows, including threat analysis, remediation support, security reviews, and compliance-related automation. Technical risk and security enablement Bring strong technical depth to security and risk discussions by helping identify realistic attack paths, assess practical impact and likelihood, and translate findings into pragmatic remediation priorities. Partner with the GRC function to ensure risk assessments are supported by strong technical input and connected to concrete engineering actions. Explain risks, trade-offs, and recommendations in a way that drives action across engineering and cross-functional teams. Make secure practices easier to adopt through clear guidance, repeatable patterns, automation, and pragmatic support. Security tooling improvement Contribute to improving and evolving our security tooling, in close collaboration with SecOps, with a focus on making security signals, posture insights, and remediation workflows more useful for Security and Engineering teams. Develop use cases, dashboards, workflows, and integrations that help teams better understand, prioritize, and remediate security issues. 👤 It would be great if... You bring a strong technical security foundation (+7 years) across application security, cloud and infrastructure security, and secure software supply chain. You have worked in a SaaS or internet-scale product environment where security had to move at engineering speed. You are comfortable working close to engineering teams: reviewing designs, challenging assumptions, supporting remediation, and turning security needs into practical improvements. You enjoy going deep into security tools and using them to improve visibility, prioritization, remediation, and engineering workflows. You bring hands-on security expertise to identify meaningful risks, evaluate practical impact, and guide pragmatic remediation priorities. You are comfortable stepping in on urgent or high-impact security topics when needed, including incidents, emerging threats, complex remediations, and fast-moving cross-functional issues. You thrive in a small team setup - where you own a broad scope, move fast without heavy process, and adapt when priorities shift. French and English proficiency (working language is English, remote-friendly with occasional presence in Paris). Bonus Points Experience with SOC 2 Type II and third-party risk management in a SaaS environment. Experience with Vanta or similar GRC automation platforms. Familiarity with AI governance topics or security implications of AI tooling. What's in it for you? Flex Life: While we offer remote, hybrid, & in-office options each position specifies the level of flexibility. Our Parisian office is located next to the Opera Garnier. You will also receive a 500€ stipend to help you set up your ideal workspace if you work hybrid or remotely. If you are full rem

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at ddome? Share your experience