
Didomi · Paris
We are looking for an Information Security Analyst to join our Security & IT team and become the operational backbone of our ISO 27001 program. You will support...
We are looking for an Information Security Analyst to join our Security & IT team and become the operational backbone of our ISO 27001 program. You will support the day-to-day work that keeps Didomi audit-ready year-round and run recurring security activities across the company.
This role is roughly 80% recurring compliance work: evidence collection, audit preparation, access reviews, vendor reviews, and security questionnaire responses. Leverage is the whole game. We want someone who reaches for automation and AI tooling as a default and who actively pushes back on process that no longer earns its keep, rather than someone who accepts that compliance work has to be slow or manual.
This role reports to the Security Manager.
Vestiaire Collective is the leading global platform for desirable pre-loved fashion and a pioneer in transforming how people consume fashion. Our mission is simple: make circular fashion the norm, not the exception. Through technology, expertise, and a highly engaged global community, we enable millions of people to buy and sell fashion in a more sustainable way. Founded in Paris in 2009, Vestiaire Collective is now a globally scaled marketplace with offices in Paris, London, Berlin, New York, Singapore, and Ho Chi Minh City, and logistics hubs across Europe, Asia, and the US. Today, we are a team of around 600 people from over 50 nationalities, united by a shared ambition: to drive meaningful change in the fashion industry. Our values, Activism, Transparency, Dedication, Greatness, and Collective, shape how we build, collaborate, and grow every day. Please upload your CVs in English About the role : As a Senior Security Analyst at Vestiaire Collective, you will be part of our Security team. Your objective will be to provide a safe, secure, and trustworthy experience for our users, while safeguarding their privacy and personal data, as well as protecting our company assets and internal employees. Additionally, you will ensure compliance with regulatory requirements. This role is focused on security operations, risk, and assurance: you will be the person who keeps continuous watch over our security posture — monitoring and investigating alerts, driving vulnerabilities through to remediation, supporting incident response, and producing the evidence and metrics that demonstrate our security and compliance to auditors, regulators, and leadership. Reporting to the Head of Security, you will work alongside a talented team of security engineers and collaborate closely with engineering teams and other stakeholders such as legal, finance, and corporate IT. You will work daily with our security stack: Datadog (SIEM), SentinelOne (EDR), Upwind (CSPM), Cloudflare (WAF and Cloudflare One), and Grafana/Prometheus, on top of our AWS and GCP cloud environments. What you will do : Operate and continuously improve our security monitoring: triage and investigate alerts across our detection stack (Datadog SIEM, SentinelOne EDR, Cloudflare), tune detections to reduce noise, and escalate confirmed threats. Review and prioritize cloud security posture findings (Upwind CSPM) across our AWS and GCP environments, and drive misconfigurations through to resolution with the relevant teams. Own the vulnerability management lifecycle: consolidate findings from penetration tests, application security reviews, and our bug bounty program; validate and prioritize them; and drive remediation with engineering teams against defined SLAs. Triage incoming bug bounty submissions: reproduce and assess reported issues, determine severity, and coordinate fixes with the relevant code owners. Support incident response from detection to closure: first-line investigation, coordination during incidents, documentation, and post-incident follow-up actions. Support audit and assurance activities: prepare and maintain evidence for external audits, run periodic access reviews (joiners/movers/leavers, privileged access), and keep compliance documentation up to date. Contribute to security metrics and reporting: maintain and enrich the KPIs and dashboards (Grafana) we use to report our security posture to leadership. Assess third-party vendors and tools from a security and data-protection standpoint. Handle day-to-day security requests from across the company (reported phishing, the security inbox, employee questions) and deliver security awareness initiatives to promote a security-conscious culture. Who you are : Proven experience (3+ years) in a security analyst, SOC, or security operations role, preferably in a fast-paced startup/scaleup environment. Strong analytical and problem-solving abilities, rigorous documentation habits, and the ability to communicate clearly with both technical and non-technical stakeholders. Hands-on experience with SIEM and log analysis platforms (e.g., Datadog, Splunk, Elastic) for alert triage, threat detection, and investigation; familiarity with EDR tooling (e.g., SentinelOne, CrowdStrike) is a strong plus. Working familiarity with cloud environments (AWS and/or GCP) and cloud security fundamentals - enough to understand, prioritize, and follow up on CSPM and WAF findings. Solid understanding of vulnerability management and common application threats (e.g., OWASP Top 10) - enough to validate findings, assess real-world impact, and discuss remediation credibly with engineers. Understanding of compliance frameworks and regulations (e.g., ISO 27001, PCI DSS, SOC 2, GDPR, DSA), with the ability to translate requirements into practical controls, procedures, and audit evidence. Scripting or query skills (e.g., Python, SQL), for automating routine analysis and digging into data during investigations. Ability to adapt to a rapidly changing environment and manage multiple priorities. NICE TO HAVE: Bachelor's or Master's degree in Computer Science, Information Security, or a related field. Relevant certifications (e.g., CompTIA Security+/CySA+, GIAC GCIH/GCIA, CISA, ISO 27001 Lead Auditor/Implementer) are a plus. Our Tech Stacks includes Datadog SIEM Upwind CSPM Cloudflare (WAF, One) SentinelOne AWS, GCP Grafana, Prometheus Snowflake Tableau
About Datadog: We're on a mission to build the best platform in the world to defend the enterprise from code-to-cloud-to-runtime. Used by thousands of companies globally, Datadog security products uniquely leverage Datadog's unified security and observability platform so Security, DevOps and SRE can collaborate rapidly and seamlessly to deliver better detection, prioritization and remediation. Our product and engineering culture values pragmatism, honesty, and simplicity to solve hard problems the right way. The Opportunity: In this competitive market, the Director of Product Management for Cloud Security and Platform will play a mission-critical role in providing product and strategy leadership to grow Datadog's market share through differentiation, innovation and compelling customer value. This leader will work with a talented and growing team of product managers and engineers to build and grow multiple product lines that play an essential role for our customers' cloud security programs and the shared platform capabilities supporting all Datadog security products, to establish Datadog as a security industry leader. At Datadog, we place value in our office culture - the relationships and collaboration it builds and the creativity it brings to the table. We operate as a hybrid workplace to ensure our Datadogs can create a work-life harmony that best fits them. What You'll Do: * Run and grow multiple product lines to meet revenue and business targets with the goal of building a multi-hundred million dollar annual business. * Lead and own product strategy and roadmap for accountable security product lines, fully aligned to revenue and business goals and with compelling differentiation and customer value. * Ensure predictable roadmap execution across direct and partner teams to achieve product and business outcomes required to meet the revenue and business goals. * Analyze and develop pricing and packaging strategies to maximize revenue through attaching deep understanding of market dynamics and other strategic leverage points. * Drive GTM strategy with GTM partner teams to achieve revenue and business goals. * Fulfill the role as the product-leader representative across accountable product lines with analyst, press and customer communities. * Manage and grow both manager and individual contributor (IC) Product Managers, ensuring they are motivated, delivering high quality work and finding high fulfillment. * Model and contribute to a culture of learning and collaboration across product management and the broader organization. * Raise the bar of PM leadership through leadership in strategy development, roadmap planning and execution, GTM and overall product-leader responsibilities. Who You Are: * An experienced leader in Product Management with demonstrated business growth and customer adoption success in the CNAPP market, as well as demonstrated experience driving shared platform capabilities in service of multiple products. * A seasoned team leader with experience directly managing product management teams and mentoring talent into sustained high performers. * Passionate about GTM and have demonstrated success in developing GTM programs and achieving GTM targets with counterparts in sales, sales engineering, channels, marketing and customer success. * Excellent at cross-functional alignment and ensuring all partner organizations are fully aligned and committed to delivering what is needed to achieve roadmap and business goals. * Highly skilled in pricing and packaging strategies to maximize revenue potential and strategic advantage. * Highly customer-centric and a convincing champion of the needs of the customer to deliver a compelling, high value and high quality customer experience across all phases of the customer lifecycle. * Previously a software engineer, security engineer or have demonstrated technical knowledge to be able to discuss technical concepts with customers and engineering counterparts. * A compelling presenter with excellent verbal and written communication skills with a proven track record of presenting and defending your ideas to executive, technical and non-technical audiences, as well as external audiences including industry analysts. * Highly data-driven with an advanced analytical aptitude that can draw critical insights through synthesizing market, competitive, usage, pipeline and other data sources. Datadog values people from all walks of life. We know not everyone will meet all the above qualifications on day one. That's okay. If you're passionate about technology and want to grow your experience, we encourage you to apply. Benefits and Growth: * Work on industry-leading cloud security products that protect organizations at global scale. * Lead highly talented product management teams solving complex technical challenges. * Partner with world-class engineering and go-to-market organizations. * Influence company strategy and the future direction of Datadog's security platform. * Grow your leadership through meaningful ownership, mentorship, and cross-functional collaboration. * Contribute to an inclusive culture focused on learning, innovation, and customer impact. * Benefits and Growth listed above may vary based on the country of your employment and the nature of your employment with Datadog. ---------------------------------------------------------------------------------------------------------------------------------- About Datadog: Datadog is the leading observability and security platform for the AI era, providing businesses with unified visibility across the technology stack to manage complexity at scale. It brings applications, infrastructure, data, models, and security into one place, using AI to detect and resolve issues before they impact customers. Trusted globally by Fortune 500 companies and high-growth AI leaders, Datadog enables businesses to move faster with clarity and confidence. Learn more about #DatadogLife on Instagram, LinkedIn, and Datadog Learning Center. ---------------------------------------------------------------------------------------------------------------------------------- Equal Opportunity at Datadog: Datadog is proud to offer equal employment opportunity to everyone regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, veteran status, and other characteristics protected by law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. Here are our Candidate Legal Notices for your reference. Datadog endeavors to make our Careers Page accessible to all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please complete this form. This form is for accommodation requests only and cannot be used to inquire about the status of applications. Privacy and AI Guidelines: Any information you submit to Datadog as part of your application will be processed in accordance with Datadog’s Applicant and Candidate Privacy Notice. For information on our AI policy, please visit Interviewing at Datadog AI Guidelines.
L’histoire du groupe Theodo et son succèsTheodo accompagne depuis 2009 les entreprises innovantes dans la conception, le développement et le déploiement de produits digitaux ingénieux - tels que la plateforme TF1+, l'application LCL Pro ou l'application France Identité Numérique - en tirant parti du meilleur de la technologie et de l’approche Lean. Theodo connait une croissance exceptionnelle depuis 15 ans : nos équipes rassemblent plus de 700 Theodoers, principalement des Software Engineers, passionnés de technologie et d’amélioration continue. En 2025, le groupe Theodo génère 100M€ de CA. Chez Theodo HealthTech, l'entité experte en santé, nous accompagnons tous les acteurs de la santé dans le développement des dispositifs médicaux digitaux sur-mesure. Grâce à notre expérience du Lean et de la tech, combinées à notre connaissance de la santé, nous concevons et développons des dispositifs médicaux numériques qui s'intègrent dans le parcours de soins des patients (thérapies digitales - DTx, essais cliniques virtualisés, parcours de soins digitalisés). Notre but est de réaliser des produits qui changent la vie de leurs utilisateurs, qu'ils soient soignants ou patients. Ton équipe : Chez Theodo, les techs travaillent en équipes projet, constituées en fonction des besoins de chaque client, réunissant Software Engineers, Tech Lead et Product Manager. Ensemble, ils collaborent étroitement avec le client, avec des échanges réguliers pour partager vos avancées, approfondir la compréhension de son problème et faire évoluer le produit au plus près des besoins de ses utilisateurs. En tant qu’Engineering Manager, ton rôle est de manager jusqu’à 4 tech leads, soit de chapeauter la réussite de 4 projets, en binôme avec un(e) Group Project Manager. Tes futures missions : Le besoin actuel porte sur des missions “grands-comptes” avec des produits et architectures complexes, développées par plusieurs squads de Theodo : - Manager & faire progresser les Tech Leads : tu accompagnes 1 à 4 Tech Leads dans leur montée en compétence et leur épanouissement. - Assurer le delivery technique : tu garantis la qualité du code (3S : stabilité, sécurité, vitesse), la tenue des jalons et la robustesse de l’architecture. - Contribuer au développement business : tu participes aux discussions stratégiques avec nos clients (DSI, sponsors…), tu aides à identifier des opportunités et tu es acteur de l’avant-vente avec nos sales. Les problématiques et les technos sont très différentes d’un projet à l’autre, voici quelques exemples : - Hub Santé : lancé par l’Agence du Numérique en Santé en 2024, vise à connecter en temps réel les 83 SAMU, SMUR, SDIS et autres acteurs de l’urgence, dans un écosystème historiquement fragmenté. Accompagnée par une équipe de 3 experts Theodo, l’ANS a déployé une plateforme nationale d’interopérabilité permettant une coordination critique plus fluide et sécurisée. Résultats : +10 SAMU connectés dès la phase pilote, interopérabilité effective sur plusieurs périmètres et conformité HDS maintenue. - Vidal : référence centenaire de l’information médicale, a développé avec Theodo un assistant médical basé sur l’IA générative pour fournir aux professionnels de santé des réponses fiables en un temps record et sécuriser la prescription. En 8 semaines, une équipe de 4 experts Theodo a conçu un POC de chatbot RAG connecté à la base Vidal, capable de réduire le temps de recherche tout en garantissant traçabilité et fiabilité des sources. Objectif : renforcer la confiance des praticiens et faire entrer Vidal dans l’ère du service médical “fonctionnel”. Tes perspectives d’évolutions : Perspectives d’évolution moyen terme (1 - 2 ans) : - Manageriale : VP Tech ou Group Manager - Technique : Architecte senior - Business/Influence : Thought Leader (animer une communauté tech) ou Intrapreneur (porter une nouvelle offre) Une méthodologie basée sur l’apprentissage continu : Chez Theodo, nous avons construit notre approche tech autour d’une conviction forte : on développe d’abord les personnes, avant de développer les produits. Notre Lean Tech® System met l’accent sur l’apprentissage continu : tu évolueras dans un environnement qui investit sur le long terme, où l’objectif est de te permettre de progresser chaque jour, tout en construisant des produits utiles et performants pour nos clients. Profil recherché : - 7 à 14 ans d’expérience professionnelle, avec une expérience confirmée en management d’équipes tech et en environnement ESN / conseil. - Basé(e) en région parisienne, avec une préférence pour une présence majoritaire au bureau, attendue pour un rôle stratégique et managérial. Hard skills - Solide expertise technologique (Java / Spring Boot et/ou Angular) permettant d’être crédible et légitime auprès des équipes, sans être attendu·e sur le code au quotidien. - Capacité à concevoir des architectures évolutives et à arbitrer des choix techniques dans des contextes grands comptes complexes. - Expérience significative en management d’équipes techniques, avec la capacité à débloquer des Tech - Leads sur des problématiques techniques complexes. - Capacité d’analyse et de résolution de problèmes complexes, avec un impact transverse dans l’organisation. - Intérêt pour l’IA générative et son usage dans la conception et le développement de produits digitaux. Soft skills - Leadership affirmé et posture pédagogique pour embarquer, inspirer et faire progresser des équipes exigeantes. - Orientation marquée business et création de valeur : chez Theodo, nous ne faisons pas de la tech pour la tech. - Aisance relationnelle et communicationnelle, avec la capacité d’adresser tous niveaux d’interlocuteurs, y compris C-level, et de mener des conversations exigeantes. Le process de recrutement : - Call de qualification (30 min) avec un membre de l’équipe recrutement - Cultural fit (1h) avec le même recruteur - Test technique de refactoring (à la maison + débrief 1h) - Entretien modélisation (1h) - Simulation vente d’architecture à un DSI (1h) - Final avec un dirigeant - Prise de référence