Security Engineer

What if, in your next adventure, you were surrounded by people who, like you, look for an unlimited playground to explore, share, and test? Would you care to hear more? You've opened the right door As an R&D team, making sure your ideas are heard and encouraged is what we strive to do

**What You'll Do**:
As a Security Engineer in the “Security Yellow” team, you will be at the forefront of our efforts to protect Criteo from cybersecurity threats. Criteo’s technical environment is complex, consisting of thousands of custom services, over 40,000 servers, and a diverse technology stack spanning hybrid cloud and on-premise environments. Your role will be a blend of software engineering and site reliability engineering.

**Key Responsibilities**:
**Software Engineering**:

- Develop software that bridges traditional security tools (like SIEMs) with cutting-edge technologies like frontier-LLMs, to help ensure that Criteo’s cyber defenses evolve more rapidly than the threat actors who target us.
- Assist Criteo engineers in integrating security into the software they design.
- Create and extend systems that solve technical problems core to security. Examples include:

- Secrets management
- Asset tracking
- Detection & Response
- Vulnerability Scanning

**Site Reliability Engineering**:

- Run, monitor, and maintain a range of custom-built, open-source, and paid security systems spanning on-premise and cloud infrastructure. Examples include:

- ElasticSearch (ELK) stack
- OpenCTI
- Fleetdm
- Hashicorp Vault
- Respond to production incidents impacting security systems that run on both Kubernetes and bare metal servers.

**Enabling Security Blue Team**:

- Translate Blue team challenges and requirements into concrete technical solutions that empower them to prevent, detect, and respond to security threats.
- Work closely with the Security Blue team to ensure the right security tools and infrastructure are in place.
- Collaborate with engineers across the company, helping them integrate security into their designs.

**Who You Are**:
**Educational Background**:
Bachelor's degree in Computer Science, or a related field (or equivalent practical experience).

**Skills and Experience**:

- Strong computer science fundamentals (computer architecture, operating systems concepts).
- Ability to produce, understand, and analyze code in at least one popular programming language without assistance (example languages: Golang, Python, Ruby, Java, C#, C++, Rust).
- Ability to heavily leverage LLMs in your daily work while maintaining a strong understanding of the output, as well as potential pitfalls.
- Strong analytical skills and capacity for adversarial thinking.
- Effective verbal and written communication skills for collaboration and reporting.
- Previous professional experience is preferred but not required.

**Soft Skills**:

- Interest in cybersecurity.
- Passion for designing and implementing technical solutions to difficult problems.
- Ability to influence without authority to drive security best practices.
- Organizational skills to manage multiple complex tasks effectively.
- Perseverance in continuously improving security systems and tackling complex challenges.

**Team Structure and Reporting**:

- The security group consists of approximately 30 members, divided into 4 teams: a compliance team, a Yellow team, a Blue team, and an Identity & Access Management team.
- This position will report to the Yellow Team Dev Lead.
- The Yellow team’s mission is to design and build long-term security systems, promote security by design, and contribute to it in software engineering efforts across the company.

**Who We Are**:
Criteo is the global commerce media company that enables marketers and media owners to deliver richer consumer experiences and drive better commerce outcomes through its industry-leading Commerce Media Platform.

At Criteo, our culture is as unique as it is diverse. From our offices around the world or from home, our incredible team of 3,600 Criteos collaborates to develop an open and inclusive environment. We seek to ensure that all of our workers are treated equally, and we do not tolerate discrimination based on race, gender identity, gender, sexual orientation, color, national origin, religion, age, disability, political opinion, pregnancy, migrant status, ethnicity, marital or family status, or other protected characteristics at all stages of the employment lifecycle including how we attract and recruit, through promotions, pay decisions, benefits, career progression, and development. We aim to ensure employment decisions and actions are based solely on business-related considerations and not on protected characteristics. As outlined in our Code of Business Conduct and Ethics, we strictly forbid any kind of discrimination, harassment, mistreatment, or bullying towards colleagues, clients, suppliers, stakeholders, shareholders, or any visitors of Criteo. All of this supports us in our mission to power th