We invite you to join the Greycroft Talent Network

195
companies
874
Jobs

Infrastructure Security Engineer

Gorgias

Gorgias

Other Engineering
Paris, France
Posted on Nov 13, 2024

Gorgias empowers ecommerce brands to grow through AI-powered customer experience. We are the #1 CX platform in the industry, trusted by over 15,000 merchants worldwide – from small independent shops to some of the largest ecommerce brands in the world.

We offer the most integrations of any tool on Shopify (100+) and the ability to get setup fast, without the need for complex onboarding. Gorgias offers its users a unified platform to manage every aspect of their customer support on every channel.

We can automate 60% of a brand’s support so that agents can focus on high-value conversations and driving sales. Plus, we offer purpose-built marketing tools to help merchants convert more shoppers into customers, driving GMV.

About the role

As a Gorgias Infrastructure Security Engineer, you will contribute to our security program, working directly with our SRE team and engineering leadership.

You will implement and manage essential security tools and processes, with a particular focus on ensuring resilience against potential external threats and attacks.

This role will be critical in setting up proactive security measures and responding to incidents, making a tangible impact on Gorgias’ ability to meet enterprise-grade security standards.

What you will do

  • Contribute to security framework, tools, and processes for Gorgias, focusing on protecting critical infrastructure and ensuring system reliability.

  • Collaborate closely with the SRE and Infrastructure teams to integrate security practices and tools into existing and emerging platforms, including Kubernetes and multi-region deployments.

  • Improve the Security Information and Event Management (SIEM) system to enhance comprehensive monitoring, threat detection, and alerting.

  • Develop automated detection and mitigation playbooks for common security incidents (such as DDoS attacks, phishing, and other infrastructure-related threats).

  • Conduct and evaluate attack simulations and real-time incident management to improve the detection and mitigation rate.

  • Champion security best practices within the engineering organization by promoting secure coding practices, incident response protocols, and real-time threat mitigation strategies.

  • Provide leadership and training across engineering teams to ensure adoption of security standards and incident management practices.

About you

  • 5+ years of experience in a security engineering or infrastructure security role, preferably within a high-growth SaaS or eCommerce environment.

  • Proven expertise in infrastructure security, DDoS mitigation, and SIEM/SOC platforms.

  • Strong knowledge of cloud environments, particularly in Kubernetes/GKE, Postgres clusters, and networking protocols.

  • Hands-on experience with automation tools and Infrastructure as Code (IaC), such as Terraform.

  • Proficiency in scripting languages like Python or Golang for automating security processes and incident responses.

  • Ability to communicate security best practices and protocols to cross-functional engineering teams, advocating for a security-first mindset across the organization.

  • Experience with observability, incident management, and disaster recovery is a plus.

  • Ability to confidently serve as the main point of contact for all security-related matters in a dynamic startup environment.

Our Stack

You’ll be working closely with our SRE team, a group of experienced engineers who are building and maintaining:

  • Multi-TB Postgres clusters

  • RabbitMQ and Redis with tens of thousands of operations per second

  • 10+ full-featured GKE clusters globally with over 15k tenants

  • A new stack of Kafka, Debezium, and Apache Flink

  • Github Actions CI and ArgoCD for scalable deployment strategies

  • Best practices around Kubernetes/Helm/Operators, SLIs/SLOs, Incident Management, Observability, Security, and Disaster Recovery

    Company Benefits and Perks

  • 🏖️ 5-week vacation plus 2 weeks RTT

  • 🤕 Paid sick leave

  • 🌏 6 weeks full remote/year

  • 🧸 Paid parental leave (16 weeks)

  • 🚊50% of public transportation reimbursed

  • 💻 MacBook Pro

  • 🍽️ Personal credit card to buy lunches (we use Swile)

  • 🏥 We provide private health insurance (we use Alan)

  • 💆🏻‍♀️ Get up to €700 to set up your workstation at home (working from home should feel breezy)

  • 📚 Get up to €2000 of learning material and wellness support per year! This includes €1500 for learning material (such as books, courses, and individual coaching sessions) directly linked to your job scope, as well as a €500 wellness budget. Take advantage of these resources to grow in your role and prioritize your personal development and wellness.

  • 🥰 Every quarter, we organize an online company-wide summit to discuss where we’re going and strengthen social bonds. Once per year we organize offsite team retreats and company retreats!

More cool things to know about Gorgias... 😁

Gorgias ensures equal employment opportunity without discrimination or harassment based on race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, national origin, marital or domestic/civil partnership status, genetic information, citizenship status, veteran status, or any other characteristic protected by law.

Gorgias is committed to the full inclusion of all qualified individuals and will take the steps to assure that people with disabilities are provided reasonable accommodations. Accordingly, if reasonable accommodation is required to fully participate in the job application or interview process, to perform the essential functions of the position, and/or to receive all other benefits and privileges of employment, please contact accommodation@gorgias.com