⚠️ During the coronavirus crisis, Doctolib continues to work, operating fully remotely as we build new products that help doctors in France and Germany. We continue to recruit and grow the team; all of our recruiting and onboarding has now been adapted to remote too.
Examples of our current challenges:
- Define a seamless and efficient password policy to secure users' access to Doctolib
- Train developers on common web vulnerabilities like SQLi or XSS
- Build security tests to detect vulnerable functionalities in the product
What you will do:
- Perform security assessments of Doctolib’s existing and upcoming features and products
- Review code and design of our products
- Fix vulnerabilities
- Maintain and contribute to Doctolib’s Secure Development Lifecycle
- Help our product owners to ship ‘secure by design’ features
- Contribute to Doctolib’s bug bounty program
- Raise our developers’ awareness of security best practices
- Create security tests to avoid any regression
Your profile:
- You are passionate about application security and development!
- Security assessments of web applications hold no secrets for you!
- You have a strong understanding of common and uncommon web application vulnerabilities and mitigations (OWASP Top 10)
- You are familiar with, or eager to learn about, security vulnerabilities specific to Ruby on Rails
- You have a good understanding of security in distributed systems at scale
- You speak English and French fluently
- You are able to collaborate with all people working in the company (tech & non-tech)
- You are autonomous, pragmatic and have good organizational skills
- You proactively contribute to Doctolib’s security
The interview process:
- 30min phone screen with a Tech Recruiter
- 1h technical interview
- Take-home test with debrief
More about the position:
- Permanent position
- Full time
- Location: Levallois-Perret
- Start date: ASAP