Specialist in product security for TIAA focused on maintaining security throughout product lifecycles. Engaging in product development, vulnerability analysis, and team collaboration.
About the role
- Lead end-to-end incident investigations and drive durable remediation across cloud and on-prem environments. Collaborate with Infra, Dev, and SRE teams to build secure, observable, and resilient systems.
Responsibilities
- Shape the evolution of our security architecture by identifying weaknesses and designing durable, scalable solutions.
- Enhance the platforms and automations that enable detection, investigation, and response.
- Drive remediation efforts by turning investigations and lessons learned into structural improvements across the company.
- Collaborate with Infrastructure, Development, and SRE teams to embed security into system design, deployment, and operations.
- Develop tools, frameworks, and workflows that elevate the team’s capabilities and reduce operational friction.
- Contribute to a forward-looking security roadmap, evaluating new approaches and technologies to continuously improve resilience.
Requirements
- Ability to investigate incidents end-to-end and implement durable remediation (from root cause analysis to corrective actions).
- Capacity to identify weaknesses, propose pragmatic hardening measures, and influence infrastructure, development, and product teams.
- Solid understanding of secure architectures (cloud and on-prem) and the ability to guide teams toward safer designs.
- Experience building or improving logging, monitoring, and detection pipelines.
- Practical experience in Microsoft and/or open-source ecosystems, scripting and automation (Python, Bash, PowerShell), and familiarity with DevOps/SRE environments.
- Strong communication skills to translate technical findings into clear recommendations and decisions.
- Languages: French and professional English.
Benefits
- Variable bonus
- A dynamic and creative environment within international teams
- Access to a variety of self-learning courses on our e-learning platform
- Opportunities to participate in local and international meetups and conferences
- Flexible office policy with up to 2 days remote work
- Health insurance
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Cyber Security Engineer designing and developing cybersecurity tools and solutions for ADI Global Distribution. Role involves secure software development and cloud engineering to ensure cybersecurity integrity.
Cyber Security Engineer focusing on secure software development and cybersecurity solutions for ADI Global Distribution. Engaging with an international team to enhance software integrity and security practices.
Head of IT, Security & Compliance ensuring the IT infrastructure and compliance at CameraMatics. Leading security initiatives and regulatory obligations in a hybrid work setting.
Security Officer conducting interior and exterior patrols to ensure safety and monitor access in data centers. Collaborating with clients and performing various security duties.
Managing Director for Security and Resilience at Edison Electric Institute overseeing security and resilience operations for electric power system. Leading a team of experts in national security and regulatory processes.
Head of AI Security at Absa developing security frameworks for AI systems. Responsible for safeguarding AI platforms against cybersecurity threats and ensuring secure development practices.
Security Officer responsible for armed security at the Arizona State Courts Building. Patrolling, monitoring security systems, and ensuring safety during shifts, holidays, and weekends.
Senior Security Engineer managing Privileged Access Management solutions for ZEISS. Engineering and supporting PAM ecosystem, with a focus on BeyondTrust Password Safe, and ensuring reliable service delivery.
Principal Technology Risk & Control Officer managing technology risk assessments and controls at Northern Trust, a leading financial institution. Collaborating across multiple technology domains to ensure alignment with business objectives and regulatory expectations.