2 posizioni · 2 aperte
Solo aperteSecurity Engineer
IbridoDocebo · Milan, Italy
seniorfull time501-1000E-learningenglishArtificial Intelligence. Actual Impact. At Docebo, we’re using AI to change how people learn at work—and we mean actually change it. We’re an AI-powered learning platform that helps organizations create, deliver, and manage training all in one place. But our real mission goes deeper: we help teams move faster, work smarter, and focus on the work that truly matters. Our platform is built with intelligent, time-saving tools that personalize learning, eliminate busywork, and turn training from a checkbox into a superpower. The result? Better experiences for learners and real results for businesses. We’re shaping the future of learning with a team that isn’t afraid to challenge the status quo. If you're excited by the idea of using AI to make work-life better for real people–you’ll feel right at home here. And it’s not just what we build, it’s how we show up. At Docebo, our values aren’t just posters on the wall—they guide how we work every day. We call it the Docebo Heart: trust by default, assume positive intent, and create space for different perspectives to thrive. So… what are you waiting for? Join 900+ Docebians around the world and help us reinvent the way people learn, because learning never stops. ROLE OVERVIEW The Senior Security Engineer will play a central role in securing Docebo's cloud infrastructure, with a primary focus on AWS environments. Working closely with Cloud Infrastructure & Operations, Engineering, and other security teams, this role is responsible for designing, implementing, and continuously improving cloud security controls across all layers of the stack — from infrastructure provisioning and container orchestration to runtime detection and compliance enforcement. This is a hands-on, high-ownership role for someone who thinks in terms of risk and moves quickly to reduce it. The role also includes participation in an on-call rotation for security incidents affecting Docebo systems. RESPONSIBILITIES (INCLUDING BUT NOT LIMITED TO): - Cloud Security Architecture & Hardening: Own the security posture of Docebo's AWS environments. Define and enforce secure account structures, service control policies (SCPs), guardrails, and baseline configurations across multi-account setups. Evaluate and improve network segmentation, IAM boundaries, and data protection controls. Identify and remediate misconfigurations using CSPM tooling and manual review. - Infrastructure as Code Security: Partner with Cloud Infrastructure to integrate security controls into IaC workflows. Define guardrails to catch insecure configurations before deployment. Own security scanning in CI/CD pipelines and promote a shift-left approach to cloud security across engineering teams. - Incident Response & On-Call: Participate in the on-call rotation for security incidents, including triage, containment, and escalation for after-hours events. Lead investigation and root cause analysis for cloud security incidents with clear written post-mortems. Leverage automation and AI tooling to reduce mean time to detect and respond. - Cloud Detection & Threat Monitoring: Build and maintain detection coverage for cloud-native threats (privilege escalation, unusual API activity, lateral movement, data exfiltration, and more). Leverage CloudTrail, GuardDuty, and SIEM integrations to maintain visibility across the AWS estate. Align detection logic with MITRE ATT&CK for Cloud. - Vulnerability & Configuration Management: Own vulnerability management for cloud workloads — prioritizing findings from cloud configuration assessments, and runtime protection tools. Drive remediation with Engineering and Infrastructure teams, and build automated enforcement where manual review doesn't scale. - Identity & Access Management: Define and enforce least-privilege principles across AWS IAM, service accounts, and federated identity. Review and improve IAM policies, permission boundaries, cross-account roles, and access patterns. Reduce standing access and enforce JIT access where appropriate. - Development of Security Best Practices: Develop and document best practices, policies, and procedures for cloud security. Provide guidance and training to engineering and infrastructure teams to promote a security-aware culture. - Vendor relationships: Maintain relationships with security vendors for technical issues, ensure smooth operations of security tools and services, and escalate problems or incidents to vendors when required. WHAT IT TAKES TO BE SUCCESSFUL: You're a cloud security practitioner who operates with a builder's mindset. You understand AWS deeply — not just its security services, but how misconfigurations and design decisions create real risk. You're comfortable reading IaC, reviewing IAM policies, and diving into CloudTrail logs to reconstruct what happened. You know how to work with engineering and infrastructure teams as a partner, not a gatekeeper — and you can communicate risk clearly to stakeholders who don't live in the cloud console. You're comfortable being on-call and making decisions under pressure. Additionally, holding security-related certifications such as those from ISC2, ISACA, SANS, or CompTIA, and having Cloud Architecture certifications (AWS Security Specialty, AWS Solutions Architect, or equivalent) will significantly enhance your effectiveness in this role. REQUIREMENTS: - 5+ years of relevant work experience in cybersecurity, with a strong focus on cloud security in production AWS environments. - Deep hands-on experience with AWS security services: IAM, SCPs, CloudTrail, GuardDuty, Config, KMS, VPC security, and more. - Good knowledge of Kubernetes security — including RBAC, pod security standards, network policies, admission controllers, and secrets management. - Experience with cloud security posture management (CSPM) and cloud workload protection (CWPP/CNAPP) tools. - Experience securing IaC pipelines (Terraform, CloudFormation) and integrating security scanning into CI/CD workflows. - Good experience with container and image security — scanning, runtime protection, supply chain risk. - Experience with SIEM and detection engineering — building and tuning cloud-native detection rules, threat hunting across CloudTrail and application logs. - Familiarity with automation platforms and AI-driven security tools to streamline detection, enrichment, and response. - Experience with Infrastructure as Code (IaC) and scripting (Python, Bash, or similar) to develop custom security tooling and automate workflows. - Strong IAM fundamentals: least privilege, cross-account roles, permission boundaries, federated identity, and privileged access management. - Comfortable working across Azure/GCP in addition to AWS — multi-cloud exposure is a plus. - In-depth knowledge of information security principles and cybersecurity frameworks relevant to cloud environments: MITRE ATT&CK for Cloud, CIS Benchmarks, AWS Well-Architected Security Pillar, NIST CSF, SOC 2, ISO 27001. - Willingness and ability to participate in an on-call rotation, including after-hours response. - Ability to produce clear, comprehensive, and well-structured documentation (e.g. incident reports, architecture reviews, runbooks, and security standards) and to communicate complex technical issues effectively to non-technical stakeholders. OUR HYBRID WORK PHILOSOPHY 🤝 Great work can happen anywhere but coming together helps us go further. Our team spends three days a week in the office (Tuesday-Thursday) to collaborate, solve problems, and learn from each other. With flexibility the rest of the week, it’s a balance designed to help everyone do their best work and keep growing. OUR TOTAL REWARDS PHILOSOPHY 🎉 Our Total Rewards Philosophy centers around three core areas to reward and care for our People: - Rewarding Impact: We lead with competitive pay to reward the impact, skills and traits that fuel our success. - Fostering Holistic Wellbeing: We care deeply about and invest in the whole person with programs that support our people’s physical, mental, and financial well-being. - Empowering Our Talent Culture: We build a culture of trust and empowerment by designing our rewards and benefits with transparency, equity, and flexibility, enabling our people to do their best work and stay for the long haul. OUR PROMISE TO YOU 😍 - Financial Wellness: Own a piece of Docebo through our Employee Share Purchase Plan (ESPP) at a 15% discount, plus a competitive compensation package. - Your Well-Being, Covered: You’ll get access to health benefits, so you can get the care you need when you need it. - Rest, Relax, Repeat: Rest and recharge with paid vacation days, two company-wide Docebo Days, floating holidays for cultural celebrations, and your birthday off! - Family First: We provide coverage offering you time with your little one(s) so you can soak up all those precious moments. Fun fact: we had 30 Docebian babies join the family in 2025! - Connections That Count: Connect with global communities through our Employee Resource Groups (including PRIDE, DWA, BIDOC, and Green Ambassadors) and company-wide events that keep the fun rolling all year long. ABOUT DOCEBO 💙 At Docebo, we create seamless, AI-powered learning experiences for over 3,000 customers worldwide. We have successfully achieved two IPOs (TSX: DCBO & NASDAQ: DCBO https://www.docebo.inc/home/default.aspx), been recognized as a top SaaS e-learning solution, and are growing exponentially in the process. We're a global company, with office across North America, EMEA, APAC, and beyond. Our team is guided by five core values—Grow Together Win Together, Build with Our Customer, Clear is Kind, Own Outcomes, Progress Over Perfection—that shape everything we do. If this resonates with you, now is the perfect time to join one of the fastest-growing learning technology companies in the world. Docebo is an Equal Employment Opportunity employer https://www.eeoc.gov/sites/default/files/2022-10/EEOC_KnowYourRights_screen_reader_10_20.pdf. We are committed to diversity and inclusion in our workforce. All qualified applicants and employees will receive consideration for employment regardless of their race, colour, religion, sex (including pregnancy, gender identity, and sexual orientation), national origin, citizenship status, age, disability, genetic information, or any other category protected under applicable law. As a federal contractor, Docebo is committed to the principles of affirmative action and equal employment opportunity for protected veterans and individuals with disabilities. Docebo does not discriminate because of protected veteran status or on the basis of disability, and Docebo takes affirmative action to employ and advance in employment qualified protected veterans and individuals with disabilities. Any individuals requiring a reasonable accommodation or would like to voluntarily disclose a disability or protected veteran status to assist with their employment application should send an e-mail to [email protected]. The email should also include the position you’re interested in.
Pubblicato 1 settimana faVedi dettagliDevOps Engineer
IbridoLeonardo · Bristol - Coldharbour Lane, United Kingdom
seniorfull time10001+GBP59k–85k/yAerospace & DefenseenglishJob Description: Salary Range: £59,400 - £84,955 Leonardo UK operates a grade-based salary framework with broad bands. The salary range shown reflects the approved grade band for this role, or a narrower hiring range published within that band, and is benchmarked against the external market. Exceptions above the standard range are managed through governance controls to protect internal equity. Your impact Do you want to shape the future of DevOps across the UK’s most critical missions? At Leonardo, our Senior DevOps Engineers (Technical Specialists) are recognised authorities in automation and secure software delivery. They set technical direction, act as subject matter experts across programmes, and ensure our DevOps solutions remain robust, secure, and innovative. Your work at Leonardo UK will see you take the lead in solving customer problems in an agile, innovative and team-centric manner. The role will involve working full time at the customers site, and requires an active DV clearance. What you will do as a Senior DevOps Engineer: Act as the technical authority for DevOps across programmes, shaping architectures and guiding technical delivery. Define and influence DevOps roadmaps, innovation, and future strategies for automation and secure delivery. Lead feasibility studies, technology assessments, and solution recommendations for complex engineering challenges. Provide advanced guidance in CI/CD, infrastructure as code, and container orchestration across environments. Mentor Principal, Senior, and Early-career Engineers to raise capability across the DevOps community. Represent Leonardo at customer reviews, technical boards, and industry events, presenting and defending solutions. Contribute expert input to bids, proposals, and technical strategy. Champion secure-by-design principles, accreditation alignment, and engineering governance. What you’ll bring: Recognised expertise as a technical authority in DevOps and automation. Ability to influence technical strategy and represent Leonardo externally as a subject matter expert. Strong communication skills to engage with stakeholders from engineers to senior leaders. Core areas (must have): Expert knowledge of CI/CD pipelines, automation, and orchestration (GitHub Actions, GitLab CI, Jenkins, Terraform, Ansible, Helm). Strong expertise in containerisation and orchestration (Docker, Kubernetes, OpenShift/Tanzu). Deep knowledge of cloud environments (AWS, Azure) and hybrid deployments. Experience embedding cyber security controls and DevSecOps practices into pipelines and infrastructure. Proficiency in scripting and automation (Python, Bash, PowerShell). Familiarity with accreditation, assurance, and governance requirements in secure environments. Desirable: Recognised expert certifications (e.g. Kubernetes CKA/CKAD, AWS/Azure Architect, HashiCorp Terraform/ Vault). Experience influencing organisational DevOps standards and best practices. Contributions to research, publications, or professional forums in DevOps/automation. Knowledge of service mesh, GitOps, and policy-as-code approaches. Experience with monitoring/logging and observability platforms (ELK, Prometheus, Splunk). This is not an exhaustive list, and we are keen to hear from you even if you might not have experience in all the above. The most important skill is a good attitude and willingness to learn. Security Clearance This role is subject to pre-employment screening in line with the UK Government’s Baseline Personnel Security Standard (BPSS). An additional range of Personnel Security Controls referred to as National Security Vetting (NSV) may apply, this could include meeting the eligibility requirements for The Security Check (SC) or Developed Vetting (DV). For more information and guidance please visit: https://careers.uk.leonardo.com/gb/en/security-and-vetting Why join us At Leonardo, our people are at the heart of everything we do. We offer a comprehensive, company-funded benefits package that supports your wellbeing, career development, and work–life balance. Whether you're looking to grow professionally, care for your health, or plan for the future, we’re here to help you thrive. Time to Recharge: Enjoy generous leave with the opportunity to accrue up to 12 additional flexi-days each year. Secure your Future: Benefit from our award-winning pension scheme with up to 15% employer contribution. Your Wellbeing Matters: Free access to mental health support, financial advice, and employee-led networks championing inclusion and diversity (Enable, Pride, Equalise, Armed Forces, Carers, Wellbeing and Ethnicity). Rewarding Performance : All employees at management level and below are eligible for our bonus scheme. Never Stop Learning : Free access to 4,000+ online courses via Coursera and LinkedIn Learning. Refer a friend: Receive a financial reward through our referral programme. Tailored Perks : Spend up to £500 annually on flexible benefits including private healthcare, dental, family cover, tech & lifestyle discounts, gym memberships and more. Flexible working: Flexible hours with hybrid working options. For part time opportunities, please talk to us about what might be possible for this role. For a full list of our company benefits please visit our website. Leonardo is a global leader in Aerospace, Defence, and Security. Headquartered in Italy, we employ over 53,000 people worldwide including 8,500 across 9 sites in the UK. Our employees are not just part of a team—they are key contributors to shaping innovation, advancing technology, and enhancing global safety. At Leonardo we are committed to building an inclusive, accessible, and welcoming workplace. We believe that a diverse workforce sparks creativity, drives innovation, and leads to better outcomes for our people and our customers. If you have any accessibility requirements to support you during the recruitment process, just let us know. Be part of something bigger - apply now! Primary Location: GB - Bristol - Coldharbour Lane Contract Type: Permanent Hybrid Working: Onsite
Pubblicato 1 mese faVedi dettagli