Security Engineer

initiative, helping design and build the internal pentesting stack while working closely with product and infrastructure teams to continuously improve security across Scaleway's cloud services.YOUR DAILY ROUTINE - Conduct web, API, network, and infrastructure penetration tests on Scaleway products and internal systems- Simulate realistic cyberattack scenarios to identify vulnerabilities and weaknesses- Participate in Red Team or adversarial simulation exercises, including social engineering campaigns- Assess and prioritize vulnerabilities based on their risk and potential impact- Write clear and structured security reports and communicate findings to technical and non-technical stakeholders- Collaborate with product and engineering teams to support remediation and security improvements- Contribute to the design and implementation of the internal pentesting tool stack- Stay up to date with emerging vulnerabilities, exploits, and offensive security techniques- Support the continuous, public transport. Most of our offices feature outdoor spaces (terraces) and bike parking facilities.- Dining: Our chef provides a healthy meal service at the headquarters, and breakfast is available across all our sites year-round. Scalers working from regional sites enjoy a Swile card for lunches.- Well-being commitments: Whether it's access to a gym, daycare places, or discounted services for caring services, Scaleway is committed to supporting Scalers in maintaining a balanced life.- International environment: With dozens of nationalities, Scaleway offers a stimulating environment where English is as widely spoken as French.- Career & Mobility: Our managers value internal mobility, and opportunities to transition to other entities within the Iliad Group are accessible to all Scalers.WHY JOIN THE SCALEWAY ADVENTURE ? A rich and diverse product offering: Scaleway offers over 100 public cloud products in IaaS, PaaS, and AI. A cutting-edge technical environment: Scaleway provides modern infrastructures, including high-performance bare metal servers, to tackle exciting technical challenges. Commitment to responsible cloud: Scaleway is dedicated to a more responsible cloud, with data centers powered solely by renewable energy since 2017, minimizing our ecological footprint and holding top-level certification.THE NEXT STEPS- HR interview to understand your background and motivations (30 min)- Technical interview to understand your technical skills and approach to the role (1h)- Manager interview to deepen discussions and assess your fit with the team (45 min)At Scaleway, we are committed to building an inclusive and respectful workplace where everyone has a fair opportunity to thrive.All applications are considered with care, regardless of age, gender, sexual orientation, ethnic or social background, religion, disability, or any other characteristic.We believe great ideas come from everywhere, and everyone which is why you should definitely apply.

security testing workflow across Scaleway productsABOUT YOUHARDSKILLS- Hands-on experience with penetration testing (web, APIs, networks, infrastructures)- Good knowledge of OWASP Top 10, MITRE ATT&CK, CVE and common exploitation techniques- Experience with security tools such as Nmap, Metasploit, Burp Suite or OWASP ZAP- Solid scripting or development skills (Python, Bash, SQL, PHP or similar)- Understanding of vulnerability exploitation techniques such as XSS, SQL injection, buffer overflow or reverse engineeringSOFTSKILLS- Strong analytical mindset and curiosity- Creativity and think outside the box approach to problem solving- High level of ethics and integrity in offensive security work- Ability to write clear and structured reports- Team spirit and collaboration mindsetWHAT YOU WILL FIND AT SCALEWAY ++++- Hybrid work: We offer up to 3 days of remote work per week.- Offices: Our offices are spacious, dynamic workspaces with bold design, conveniently located near

OUR STORY: Join Scaleway and shape the sovereign cloud of tomorrow !Since 1999, we have been designing secure, sustainable infrastructures aimed at supporting the most ambitious companies.Historically known for our dedicated servers (Dedibox), we made a strategic shift to cloud computing in 2015. Staying true to our principles of simplicity, flexibility, and technical excellence, we have become one of the leading players in Europe in the sector.With the rise of artificial intelligence, we have strengthened our commitment, supported by the Iliad Group, which is investing €3 billion to develop a serious, sovereign AI alternative to American and Asian giants.Every day, thanks to our fast-growing portfolio of cloud and AI products (bare metal, containerization, serverless, AI, etc.), Scaleway proudly serves thousands of customer across the private and public sector, from corporations like France Télévisions or Hachette Livre, to fast-growing startups like Photoroom and Biolevate, to institutions like the City of Copenhagen. Our offices are located in Paris, Lille, Toulouse, Rennes, Rouen, Bordeaux and Lyon. WHY WE NEED YOU ?Our growth is driving us to strengthen our Trust & Security Operations team to expand our internal pentesting capabilities and strengthen the security posture of our cloud products.Your mission will be to simulate realistic and controlled cyberattacks across our infrastructure and applications in order to identify vulnerabilities, evaluate associated risks, and continuously improve the security of Scaleway's products and services. YOUR FUTURE TEAMWe work in a collaborative and international environment where the diversity of Scalers, combined with a spirit of sharing, helps bring new projects to life every day, advancing our ambitions together.You will be part of a team of 5 people within the security organization. The team is responsible for protecting Scaleway's infrastructure and products through proactive security initiatives, including SOC/CSIRT operations, secure development practices, and offensive security activities.You will contribute to the Pentest