Job Specifications
Job Description - Senior Infrastructure & DevOps Engineer
Location: Hybrid Paris/Remote
Department: Infrastructure & DevSecOps
Seniority: Senior/Expert Role Summary
We are seeking a Senior Infrastructure & DevOps Security Engineer with deep experience securing large-scale cloud platforms, containerized environments, and automated deployment pipelines. This role blends strong infrastructure engineering with DevOps-driven security practices, ensuring our Azure-based platforms, CI/CD systems, and production workloads are hardened, resilient, and built with security-first principles.
The ideal candidate understands modern distributed infrastructure end-to-end - from identity and networking to Kubernetes, IaC, and CI/CD - and knows how to secure it through automation, scalable controls, and an attacker-aware mindset. You will partner closely with Cloud Engineering, SRE, Platform, and Architecture teams to embed security into the core of our infrastructure life cycle. What the Ideal Candidate Looks Like
A. Infrastructure-Focused Offensive Security Mindset
Experience assessing and penetration-testing cloud infrastructure, internal services, and containerized workloads.
Strong understanding of lateral movement, IAM weaknesses, network segmentation gaps, and privilege-escalation paths in distributed systems.
Ability to threat-model infrastructure components, identity flows, Kubernetes clusters, and CI/CD pipelines.
Skilled at reviewing IaC (Terraform/Bicep/ARM) and platform configurations to identify exploitable misconfigurations. B. Cloud & Platform Security Engineering (Azure-Focused)
Hands-on experience securing Azure services: App Services, Functions, Storage, Key Vault, IAM, networking, and monitoring.
Strong understanding of cloud-native security controls, workload protection, and posture management at scale.
Ability to design secure architectures with Cloud, SRE, and Platform teams, and drive remediation across distributed environments. C. DevOps & CI/CD Security Engineering
Skilled at embedding security into Azure DevOps pipelines and infrastructure delivery workflows.
Experience with Snyk (SAST, SCA, IaC, container, cloud) and other pipeline-integrated security tools.
Ability to automate security gates, compliance checks, and policy enforcement across build and deployment stages.
Builds custom tooling, scripts, and automation to secure infrastructure provisioning and application delivery.
Strong understanding of supply-chain security, artifact integrity, and secure deployment patterns. D. Container, Kubernetes & Platform Hardening
Experience securing Docker images, base images, registries, and runtime environments.
Familiarity with Kubernetes fundamentals, cluster operations, and common misconfigurations.
Understanding of runtime hardening, network policies, Pod Security Standards, and container security baselines. E. Secure Infrastructure Lifecycle & Incident Response
Leads security reviews for new infrastructure components, cloud services, and major platform changes.
Supports engineering teams with secure design patterns and infrastructure best practices.
Participates in incident response, root-cause analysis, and long-term remediation for infrastructure-level issues.
Drives continuous hardening across cloud, identity, networking, and platform layers. F. Infrastructure Automation & AI-Driven Security
Builds or tunes automation and AI-assisted tooling for vulnerability triage and misconfiguration detection.
Automates correlation across SAST/SCA/IaC/Cloud tools to improve infrastructure observability.
Contributes to dashboards, metrics, and security telemetry pipelines for infrastructure security. Required Skills & Experience Technical Skills
Strong offensive security experience targeting infrastructure, cloud services, APIs, and containerized workloads.
Solid understanding of secure coding and infrastructure patterns (C#, Java, JS/TS, Python, IaC).
Hands-on experience with:
Snyk (SAST/SCA/IaC/Cloud)
Azure DevOps CI/CD
Azure Cloud (IAM, networking, App Services, Functions, Storage, Key Vault)
Container security (Docker, Kubernetes fundamentals)
Familiarity with DAST tools and manual exploitation techniques.
Strong understanding of identity and access security (OAuth2, OIDC, JWT, Azure AD).
Knowledge of DevSecOps architectures, infrastructure hardening, and secure SDLC. Tooling & Frameworks
Burp Suite, ZAP, Nmap, Postman, Metasploit, custom tooling.
Threat-modelling frameworks: MITRE ATT&CK, STRIDE.
Source code and IaC review (manual + tooling). Soft Skills
Challenges infrastructure and architecture decisions with an attacker's perspective.
Communicates clearly with engineering, platform, and leadership teams.
Provides mentorship and security leadership across teams.
Strong analytical and problem-solving abilities. Job Description - Senior Infrastructure & DevOps Engineer
Location: Hybrid Paris/Remote
Department: Infrastructure & DevSecOps
Seniority: Senior/Exp