Are you ready to protect the confidentiality and the data of our patients to ensure the best user experience of the top European healthcare product used and loved by millions of patients and doctors?
It’s out absolute priority and that’s why we are looking for a Security Engineer to join and build the best team to maintain a state-of-the-art, healthcare compliant, security level.
Who we are?
Founded in 2013, Doctolib is the #1 online and mobile booking platform and management software provider for doctors in Europe. We help patients book doctor or dentist appointments 24/24 and 7/7 within a few clicks and we offer doctors a full-range service to improve booking management, reduce no show and bring new patients to their office. We are already working with 27 000 practitioners and about 700 healthcare establishments! Each month, there are more than 8.2 million people on our website.
The 5 Core Values of Doctolib: the « SPAAH »
- Service: Delivering an outstanding service.
- Passion: Being passionate and creating fun.
- Ambition: Being ambitious, with no limits.
- Attack: Being determined.
- Humility: Being humble and sensitive to others.
The missions :
- Perform security assessments of existing and newly Doctolib’s features and services.
- Be the first response and remediation for security-related alerts/incidents.
- Architect, design, and develop solutions hand-to-hand with our technical teams.
- Coordinate and deliver security projects across teams within Doctolib regarding application and data security & infrastructure security.
- Develop proof of concepts for new security tools in order to evaluate the impact of these tools.
- Do a regular technical watch.
- Triage submissions and help run the future Bug Bounty program.
- Facilitate collaboration with other engineers, product owners, and business owners to incorporate security thinking across departments.
- Coordinate and collaborate with other parts of the company such Legal and Office.
- Work from our awesome office in Paris where we work closely with teams across all Doctolib services.
Your profile :
- You have minimum 5 years of experience within the security domain.
- You have skills in security assessments of web applications and Linux (ideally on MS stack too).
- You have a strong understanding of common and uncommon web application vulnerabilities and mitigations.
- You are familiar or eager to learn about security vulnerabilities specific to Ruby on Rails.
- You have a good understanding of security in distributed systems at scale.
- You have a deep understanding of information security and risk management for IT-based companies.
- You are able to collaborate with all people working in the company (tech & non-tech).
- You are able to lead projects efficiently.
- You know how to prioritize tasks using cost and value and to address subjects in an efficient way (ex. MoSCoW).
- You are autonomous, pragmatic & have good structuration skills.
- You speak English and French fluently.
What we offer you :
- A team of 350 amazing people, passionate about a common project
- A healthcare insurance
- A few DoctoParties, DoctoMonthly Meetings, DoctoBeers, DoctoWeek-ends..
- The opportunity to revolutionize a whole industry !