DevSecOps Engineer (F/N/M)
Adevinta
The right career for all
Created in 2006, leboncoin.fr is an exchange platform that simplifies access to consumption, favors local relations and makes digital a tool at the service of all. leboncoin is positioned as a digital, economic, societal, innovative player, always with the same objective: to facilitate all day-to-day exchanges for all of our users. We give a second life to thousands of goods. Behind this apparent simplicity, there is a fast-growing company with 1,400 employees, where it is good to work, a company that cultivates a responsible and collective HR approach. We are also the 1st site for sales between individuals in France and the 5th most consulted site in France.
What you’ll do & Who you are
As a DevSecOps Engineer, you will be responsible for building and maintaining secure foundations across :
Our cloud (IaaS AWS and various flavours of modern SaaS)
Our infrastructure (AWS standard services (EC2, S3, EKS, IAM), Datadome and AWS WAF
Our development pipelines (Gerrit, GitHub, Concourse)
Our security tools and their integration
You will act both as a strong hands-on engineer and a security advisor to our IT, product, and engineering teams, ensuring that security best practices are embedded into the design, build, and run of all systems at Leboncoin.
This role is an amazing opportunity to globally secure leboncoin Information System and application. You will cover cloud and infrastructure security, identity and access management (IAM), CI/CD pipeline security.
Key Responsibilities :
Cloud & Infrastructure Security
Define and enforce security architecture standards for cloud (AWS)
Review infrastructure-as-code (IaC) for misconfigurations and vulnerabilities and enforce standard secure best practices.
Work with infra teams to implement hardening guidelines and secure network designs.
DevSecOps & Pipeline Security
Integrate security tools and controls into leboncoin Infrastructure, CI/CD pipelines (SAST, SCA, secrets detection, container security) and IT Infrastructure and services
Automate security testing and compliance checks in development workflows.
Partner with developers to design secure coding patterns and threat models.
Identity & Access Management (IAM)
Define, recommend, and enforce strong IAM processes across Leboncoin (covering joiner/mover/leaver, privileged access, MFA, and segregation of duties).
Establish and enforce IAM governance and technical controls (least privilege, RBAC/ABAC, just-in-time access).
Security Tools & Infrastructure Integration
Contribute and support for Integrating or developing security tools within Leboncoin’s IT and cloud infrastructure (e.g., SIEM/SOAR integrations, vulnerability scanners, secrets managers, IAM tooling).
Ensure tools are properly maintained, monitored, and scaled.
Security Advisory
Act as security advisor to product, infra, and business teams :
Review designs and architectures
Provide concrete recommendations and negotiate trade-offs
Draft and publish security guidelines, best practices, and reusable patterns
Incident & Risk Support
Support security detection and response team during incidents with architectural and forensic expertise and with improvement mindset during post-mortems. Keen on being part of the security on-call rotation
Provide input into risk assessments for new projects or third-party integrations
Required Skills & Experience :
5 years of experience in cloud security, infrastructure security, or DevSecOps roles
Strong knowledge of AWS, Kubernetes, and CI/CD tool suites
Hands-on experience with infrastructure-as-code (Terraform, Ansible, etc.), with scripting (at least one language) and with automation
Solid understanding of IAM concepts, authentication protocols (SAML, OAuth2, OIDC), and privileged access management
Good knowledge of application security and common vulnerabilities (OWASP Top 10, SANS Top 25)
Experience integrating security tools into pipelines
Experience in developing and deploying scripts and plugins
Excellent communication and negotiation skills to act as an advisor with engineering teams
Fluency in French and professional English
Nice to Have :
Experience as a developer
Experience in a marketplace, e-commerce, or high-traffic web platform environment
Knowledge of European regulations (NIS2, GDPR)
Benefits:
Pleasant working conditions (offices, possibility of teleworking...)
Attractive remuneration (fixed, variable and
profit-sharing)
Opportunities for rapid, tailor-made professional developmen
The meal voucher card
Efficient and competitive health and provident insurance cover
In addition to these, we offer other benefits.
Want to find out more? Apply and ask our recruiters!
Adevinta is an equal opportunity employer and we value diversity. We do not discriminate on the basis of race, religion, colour, national origin, gender, sexual orientation, age, marital status or disability status.
If you feel like you don’t meet all of the requirements for this role but are interested, please consider applying anyway. Research suggests that women and individuals from underrepresented groups may self-select out of opportunities if they don’t meet 100% of the job requirements. We strongly encourage people from historically excluded groups to apply and look forward to speaking with you.