Yousign
Security Engineer
Vaga remota de Security Engineering com fit claro de localização do candidato.
Publicada21 de jun. de 2026
Países elegíveis38 países aceitos
Sinal de senioridadeSenior
Modelo de trabalhoRemoto
Locais aceitos para candidatos
Resumo da vaga
Security Engineer
Requisitos e responsabilidades
Conteúdo da vaga extraído em seções para revisão mais rápida.
Your Responsibilities
- Lead the end-to-end security review cycle for all product features: context intake, Decision Records, implementation support, and risk-based unblocking.
- Own and operate Yousign's BugBounty program: triage reports, drive remediation, and manage reward decisions.
- Identify, prioritise, and track remediation of vulnerabilities across Yousign's product and infrastructure perimeter.
- Contribute to the security of the Trusted Zone, and to fraud detection and prevention, alongside the Security & Compliance team.
- Support regulatory compliance (eIDAS, NIS2, ISO 27001): help translate requirements into technical controls, and contribute to audits and remediation when needed.
- Extend security expertise beyond Product to all company initiatives: assess risks, issue guidance, and maintain a consistent security posture company-wide.
- Take part in the team's weekly on-call ("doctor") rotation, and build automation (n8n, AI tooling, alerting) to reduce manual toil.
- Raise the security bar across Engineering and beyond: share knowledge, coach teams on secure-by-design practices, and build security awareness.
Your Profile
- You have deep, hands-on expertise in web application and API security, you know attack and defense mechanisms inside out and can spot a vulnerability in a PR or architecture diagram.
- You are able to independently run threat modeling sessions, produce clear Decision Records, and translate security risks into actionable requirements for engineering teams.
- You have experience managing vulnerabilities across a product perimeter: triaging, prioritising, tracking remediation, and knowing when to accept risk versus escalate.
- You have participated in or run BugBounty programs. You understand triage workflows, reward logic, and how to communicate decisions clearly to researchers.
- You use AI actively to automate parts of your security work, CVE monitoring, BugBounty triage, report generation, and you think critically about how to integrate AI into existing workflows rather than simply adding tools.
- You are comfortable working across domains. Your core is product security, but you are happy to contribute to compliance topics (eIDAS, NIS2, ISO 27001), to fraud detection and prevention, and to the security of a Trusted Zone. Prior exposure to a regulated or Digital Trust environment is a strong plus.
- You are genuinely self-sufficient: you pick up a brief, define the scope, and deliver without hand-holding. You are comfortable in ambiguous, fast-moving environments.
- You are pragmatic by nature. You do not block for the sake of blocking. You find the right balance between security rigour and business velocity, and you know when to escalate versus when to accept risk.
- You communicate clearly and simply. You can explain a complex vulnerability to a non-security engineer in two minutes, and you coach without being preachy.
- You are genuinely curious: you follow threat intel, participate in CTFs, and keep your technical edge sharp because you care about the craft.
- French at a native or near-native level (C2) is required. English at a professional working level (B2) is required for security research, technical documentation, and communication with international BugBounty researchers.
Benefits
- Salary: 53 000 – 79 000 EUR
- Stock options - BSPCE
- Meal vouchers (Swile): 10.50 EUR/day, 50% covered by Yousign
- Health insurance (Alan): 50% covered by Yousign
- Life & disability insurance: 100% employer-covered
- Wellbeing: Axomove (4 physio sessions) and Moka.care (6 therapy/coaching sessions)
- Transportation: 50% reimbursement for public transport for hybrid workers
- Leeto: Access to numerous employee discounts
- Time off: 10 RTT days/year, plus menstrual leave, parenthood benefits, seniority days
- 1 volunteering day/year, learning & development budget, and more
Why join Yousign now?
- A mission that matters in a world challenged by AI-driven fraud
- A vision built on integrity
- A European & sovereign platform
- A certified B Corp
- The golden age of Yousign
Vagas similares
Mantenha uma lista reserva.
Java, Python 8 países aceitos
Application Security Engineer (Tech Lead)Morgan StanleyVer vaga Java, Python 8 países aceitos
Application Security Engineer (Senior)Morgan StanleyVer vaga Appsec, CI/CD 8 países aceitos
Application Security EngineerMorgan StanleyVer vaga Devsecops, Vulnerability Management 8 países aceitos
Senior Product OwnerMorgan StanleyVer vaga Stack
Use estas tags para comparar vagas remotas similares.
Elegibilidade de localização
Candidatos devem aplicar apenas quando o país do perfil estiver listado aqui.
Seu perfilPaís não definidoEntre para comparar seu país com esta vaga.
Ver todos os 38 países aceitos
AlbâniaÁustriaBélgicaBulgáriaCroáciaChipreTchéquiaDinamarcaEstôniaFinlândiaFrançaAlemanhaGréciaHungriaIslândiaIrlandaItáliaLetôniaLituâniaLuxemburgoMaltaMoldáviaMontenegroPaíses BaixosMacedônia do NorteNoruegaPolôniaPortugalRomêniaSérviaEslováquiaEslovêniaEspanhaSuéciaSuíçaUcrâniaReino UnidoEstados Unidos
Fluxo de contratação
O WithMira mostra a vaga e depois envia candidatos para a aplicação da empresa.
1Confira fit da vaga, stack e elegibilidade de localização no WithMira.
2Abra a página de aplicação da empresa pelo link rastreado.
3Salve a vaga ou assine oportunidades similares antes de sair.