At NiCE, we don’t limit our challenges. We challenge our limits. Always. We’re ambitious. We’re game changers. And we play to win. We set the highest standards and execute beyond them. And if you’re like us, we can offer you the ultimate career opportunity that will light a fire within you.

At NICE, we don’t limit our challenges. We challenge our limits. Always. We’re ambitious. We’re game changers. And we play to win. We set the highest standards and execute beyond them. And if you’re like us, we can offer you the ultimate career opportunity that will light a fire within you.

So, what’s the role all about?

The ideal candidate will be responsible for designing, implementing, and maintaining security measures to protect our organization’s computer systems, networks, and SaaS products. This role requires a hands-on approach to identifying vulnerabilities, implementing solutions, and staying abreast of the latest security trends and technologies. The Senior Information Security Engineer will collaborate closely with cross-functional teams to ensure the confidentiality, integrity, and availability of our systems and data.

How will you make an impact?

• Security Tooling: Deploy, maintain, integrate, and perform initial configuration of security tools.
• Vulnerability Management: Coordinate and conduct regular security assessments, penetration testing, and vulnerability scans to identify and address security weaknesses proactively.
• Incident Response: Lead incident response efforts to promptly detect, analyze, and mitigate security incidents and breaches. Develop and maintain incident response plans and procedures.
• Security Operations: Monitor security logs and alerts, investigate suspicious activities, and respond to security events in real-time. Implement and maintain security tools and technologies to enhance our security posture.
• Identity and Access Management: Manage user access controls, authentication mechanisms, and identity management systems to ensure appropriate levels of access and privilege.

Have you got what it takes?

• At least 5 years of experience in information security, with a focus on hands-on security engineering and operations.
• In-depth knowledge of networking protocols, operating systems, and cloud technologies.
• Strong understanding of security principles, practices, and frameworks (e.g., PCI, NIST, ISO 27001).
• Experience with security tools such as SIEM, IDS/IPS, endpoint protection, and penetration testing tools.
• Experience with public cloud security, specifically AWS, Azure, and Google Cloud Platform (GCP).

You will have an advantage if you also have:

• Relevant certifications such as CISSP, CISM, CEH, or cloud-specific certifications (e.g., AWS Certified Security – Specialty, Microsoft Certified: Azure Security Engineer Associate, Google Professional Cloud Security Engineer) are highly desirable.

What’s in it for you?

Join an ever-growing, market disrupting, global company where the teams – comprised of the best of the best – work in a fast-paced, collaborative, and creative environment! As the market leader, every day at NICE is a chance to learn and grow, and there are endless internal career opportunities across multiple roles, disciplines, domains, and locations. If you are passionate, innovative, and excited to constantly raise the bar, you may just be our next NICEr!

Enjoy NICE-FLEX!

At NICE, we work according to the NICE-FLEX hybrid model, which enables maximum flexibility: 2 days working from the office and 3 days of remote work, each week. Naturally, office days focus on face-to-face meetings, where teamwork and collaborative thinking generate innovation, new ideas, and a vibrant, interactive atmosphere.

About NICE

NICE Ltd. (NASDAQ: NICE) software products are used by 25,000+ global businesses, including 85 of the Fortune 100 corporations, to deliver extraordinary customer experiences, fight financial crime and ensure public safety. Every day, NICE software manages more than 120 million customer interactions and monitors 3+ billion financial transactions.

Known as an innovation powerhouse that excels in AI, cloud and digital, NICE is consistently recognized as the market leader in its domains, with over 8,500 employees across 30+ countries.

NICE is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, age, sex, marital status, ancestry, neurotype, physical or mental disability, veteran status, gender identity, sexual orientation or any other category protected by law.

Requisition ID: 10996

Reporting into: Damon Hefner, Manager Information Security

Role Type: Individual Contributor

About NiCE

NICE Ltd. (NASDAQ: NICE) software products are used by 25,000+ global businesses, including 85 of the Fortune 100 corporations, to deliver extraordinary customer experiences, fight financial crime and ensure public safety. Every day, NiCE software manages more than 120 million customer interactions and monitors 3+ billion financial transactions.

Known as an innovation powerhouse that excels in AI, cloud and digital, NiCE is consistently recognized as the market leader in its domains, with over 8,500 employees across 30+ countries.

NiCE is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, age, sex, marital status, ancestry, neurotype, physical or mental disability, veteran status, gender identity, sexual orientation or any other category protected by law.

Company Description

Tech native for over 30 years, Devoteam guides businesses through sustainable digital transformation to deliver value.

With over 11,000 tech architects in more than 25 countries across Europe, the Middle East, and Africa, Devoteam is committed to using technology to serve people.

Devoteam has been a ServiceNow Elite Partner since 2019. In 2026, it was recognised as ServiceNow Partner of the Year for the fourth consecutive year.

Job Description

Looking to take your IT security consulting career to the next level? Our ServiceNow Cyber & Risk team is seeking a Consultant with an innovative, can-do attitude and a passion for making a difference. You’ll be based in our Prague office and work with global companies from across Europe.

With us, you’ll have the chance to do the job of your dreams - the one you didn’t even know you wanted yet. Here’s what you can expect:

• Leading the implementations of key ServiceNow IRM and SecOps projects within Devoteam Group.
• Technical leadership of the team - training, presentations, knowledge sharing.
• Pre-sales  and delivering product demos to potential customers, proposals preparations, projects estimations.
• Working on a variety of projects focused on advisory and implementation of Security Operations, Risk and Compliance using ServiceNow SecOps and IRM product suites.

Qualifications

You will be a great fit for this role if you have…

• 3+ years of consulting or implementation work experience in the field of IT security, risk or compliance.
• Knowledge of security trends and their application to address cyber security issues.
• An understanding of security, risk, and privacy standards and frameworks such as ISO2700x family, NIST CSF, DORA, NIS2, GDPR, and others.
• Analytical mindset and a can-do attitude.
• Fluent English communication skills.
• Soft skills such as communication and presentation.

Want to be head of the pack? We’d definitely welcome…

• Experience with international security projects is an advantage.
• Experience using/implementing ServiceNow IRM or SecOps is an advantage.
• A degree in Information Technologies (ideally with a focus on cyber security) is an advantage.
• Knowledge of the German language is an advantage

What will you get apart from the salary?

• 5 weeks of vacation per year (= 1 week extra)
• 4 My Days per year
• Hybrid office
• Flexible working hours
• Career Management, training and certifications in the best breed of technologies - focused on technical skills (ServiceNow, Google), Project Management methodology etc., including Udemy for business account.
• Meal allowance up to 28.000 CZK/year (123,90 CZK/day)
• Cafeteria 1000 CZK/month (MultiSport Card available)
• Phone tariff (unlimited calls, texts messages within the EU, 20GB of Internet)
• Employee Referral Program
• Sabbatical leave
• Repurchase of hardware

Moreover, we offer:

• Foreign business trips
• Above standard working equipment
• Company Mobile Phone (selection from Android/iPhone)
• Company Laptop (Windows/macOS)
• Coffee, tea, snacks and breakfasts in the office
• Company events and teambuildings
• Gifts for work anniversaries, promotion or childbirth
• Friendly and open culture

And last but not least, you can rely on:

• Transparent framework for career growth, reinforced by annual performance evaluations
• Trust and autonomy, with no micro-management
• Learning from senior colleagues and opportunities to collaborate with professionals from various industries
• Opportunities to attend conferences to keep skills up-to-date
• Working on a variety of projects for a broader range of experience
• Adoption and utilization of evolving IT technologies
• Usage of AI tools and access to elaborate, tailored AI training

Additional Information

Benefits:

• 5 weeks of vacation per year (= 1 week extra)
• 4 “My Days” per year
• Hybrid office
• Flexible working hours
• Udemy for business account
• Meal allowance up to 32.000 CZK/year (129,50 CZK/day)
• Cafeteria 1200 CZK/month (MultiSport Card available)
• Phone tariff (unlimited calls, texts messages within the EU, 20GB of Internet)
• Employee Referral Program
• Sabbatical leave
• Repurchase of hardware

Moreover, we offer:

• Above standard working equipment
• Company mobile phone (selection from Android/iPhone)
• Company laptop (Windows/macOS)
• Coffee, tea, snacks and breakfasts in the office
• Company events and team buildings
• Gifts for work anniversaries, promotion or childbirth
• Friendly and open culture

And last but not least, you can rely on:

• Transparent framework for career growth, reinforced by annual performance evaluations
• Trust and autonomy, with no micro-management
• Learning from senior colleagues and opportunities to collaborate with professionals from various industries
• Opportunities to attend conferences to keep skills up-to-date
• Usage of AI tools and access to elaborate, tailored AI training

At NiCE, we don’t limit our challenges. We challenge our limits. Always. We’re ambitious. We’re game changers. And we play to win. We set the highest standards and execute beyond them. And if you’re like us, we can offer you the ultimate career opportunity that will light a fire within you.

Information Security Engineer

At NICE, we don’t limit our challenges. We challenge our limits. Always. We’re ambitious. We’re game changers. And we play to win. We set the highest standards and execute beyond them. And if you’re like us, we can offer you the ultimate career opportunity that will light a fire within you.

So, what’s the role all about?

The Information Security Engineer will assist in implementing and administering initiatives implemented by InfoSec, including security initiatives mandated by regulatory and compliance requirements. This position will be responsible for ensuring that regular housekeeping activities are performed to maintain and monitor processes and systems.

The role ensures that both Corporate and Production services are managed according to company policies, processes, and compliance and regulatory requirements.

How will you make an impact?

• Create, manage, and respond to security incidents and conduct analysis in accordance with existing processes and company security policies
• Installation, configuration, and administration of information security tools such as, but not limited to, endpoint protection, SIEM, XDR, WAF, vulnerability scanners, and DLP
• Troubleshoot and resolve technical issues related to security tools and security processes
• Coordinate with third-party vendors
• Assist with internal and external audits associated with regulatory and compliance requirements
• Provide formal notification to Information Security leadership when changes are planned that may impact the approved security posture of NICE CX or the associated certification and accreditation
• Review and recommend improvements to information security processes
• Ensure regular housekeeping activities are performed to maintain system integrity and monitoring

Have you got what it takes?

• Knowledge of basic information security principles and theories
• A minimum of 3 years working in IT and data networks
• A minimum of 3 years working in Security Operations
• Good English communication skills
• Proven track record of solving problems
• Good organization and project management skills
• Advanced computer skills in desktop applications
• Possess excellent analytic skills including numbers, patterns, processes, and data flow
• Self-starter who can function without constant oversight

You will have an advantage if you also have:

• Proficient with Microsoft Applications
• Holder of COMPTIA Security+, CISA, CISSP, SSCP, CCSK, or related certification
• Knowledge of GDPR, PCI, SOC 2, FedRAMP, IRAP, and HIPAA compliance regulations

What you need to know

• This job is not intended to be all-inclusive, and employees will also perform other reasonable related business duties as assigned
• This organization reserves the right to revise or change job duties as the need arises
• This job may require overtime, including nighttime, early morning, and weekend hours
• This job may require on-call availability

What’s in it for you?

Learn more about the Benefits at NICE

Join an ever-growing, market-disrupting, global company where the teams – comprised of the best of the best – work in a fast-paced, collaborative, and creative environment! As the market leader, every day at NICE is a chance to learn and grow, and there are endless internal career opportunities across multiple roles, disciplines, domains, and locations. If you are passionate, innovative, and excited to constantly raise the bar, you may just be our next NICEr!

About NICE

NICE Ltd. (NASDAQ: NICE) software products are used by 25,000+ global businesses, including 85 of the Fortune 100 corporations, to deliver extraordinary customer experiences, fight financial crime, and ensure public safety. Every day, NICE software manages more than 120 million customer interactions and monitors 3+ billion financial transactions.

Known as an innovation powerhouse that excels in AI, cloud, and digital, NICE is consistently recognized as the market leader, with over 8,500 employees across 30+ countries.

NICE is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, age, sex, marital status, ancestry, neurotype, physical or mental disability, veteran status, gender identity, sexual orientation, or any other category protected by law.

#LI-Hybrid

Requisition ID: 10994 Reporting into: Manager, Information Security, CX

Role Type: Individual Contributor

About NiCE

NICE Ltd. (NASDAQ: NICE) software products are used by 25,000+ global businesses, including 85 of the Fortune 100 corporations, to deliver extraordinary customer experiences, fight financial crime and ensure public safety. Every day, NiCE software manages more than 120 million customer interactions and monitors 3+ billion financial transactions.

Known as an innovation powerhouse that excels in AI, cloud and digital, NiCE is consistently recognized as the market leader in its domains, with over 8,500 employees across 30+ countries.

NiCE is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, age, sex, marital status, ancestry, neurotype, physical or mental disability, veteran status, gender identity, sexual orientation or any other category protected by law.

At NiCE, we don’t limit our challenges. We challenge our limits. Always. We’re ambitious. We’re game changers. And we play to win. We set the highest standards and execute beyond them. And if you’re like us, we can offer you the ultimate career opportunity that will light a fire within you.

Information Security Engineer

At NICE, we don’t limit our challenges. We challenge our limits. Always. We’re ambitious. We’re game changers. And we play to win. We set the highest standards and execute beyond them. And if you’re like us, we can offer you the ultimate career opportunity that will light a fire within you.

So, what’s the role all about?

The Information Security Engineer will assist in implementing and administering initiatives implemented by InfoSec, including security initiatives mandated by regulatory and compliance requirements. This position will be responsible for ensuring that regular housekeeping activities are performed to maintain and monitor processes and systems.

The role ensures that both Corporate and Production services are managed according to company policies, processes, and compliance and regulatory requirements.

How will you make an impact?

• Create, manage, and respond to security incidents and conduct analysis in accordance with existing processes and company security policies
• Installation, configuration, and administration of information security tools such as, but not limited to, endpoint protection, SIEM, XDR, WAF, vulnerability scanners, and DLP
• Troubleshoot and resolve technical issues related to security tools and security processes
• Coordinate with third-party vendors
• Assist with internal and external audits associated with regulatory and compliance requirements
• Provide formal notification to Information Security leadership when changes are planned that may impact the approved security posture of NICE CX or the associated certification and accreditation
• Review and recommend improvements to information security processes
• Ensure regular housekeeping activities are performed to maintain system integrity and monitoring

Have you got what it takes?

• Knowledge of basic information security principles and theories
• A minimum of 3 years working in IT and data networks
• A minimum of 3 years working in Security Operations
• Good English communication skills
• Proven track record of solving problems
• Good organization and project management skills
• Advanced computer skills in desktop applications
• Possess excellent analytic skills including numbers, patterns, processes, and data flow
• Self-starter who can function without constant oversight

You will have an advantage if you also have:

• Proficient with Microsoft Applications
• Holder of COMPTIA Security+, CISA, CISSP, SSCP, CCSK, or related certification
• Knowledge of GDPR, PCI, SOC 2, FedRAMP, IRAP, and HIPAA compliance regulations

What you need to know

• This job is not intended to be all-inclusive, and employees will also perform other reasonable related business duties as assigned
• This organization reserves the right to revise or change job duties as the need arises
• This job may require overtime, including nighttime, early morning, and weekend hours
• This job may require on-call availability

What’s in it for you?

Learn more about the Benefits at NICE

Join an ever-growing, market-disrupting, global company where the teams – comprised of the best of the best – work in a fast-paced, collaborative, and creative environment! As the market leader, every day at NICE is a chance to learn and grow, and there are endless internal career opportunities across multiple roles, disciplines, domains, and locations. If you are passionate, innovative, and excited to constantly raise the bar, you may just be our next NICEr!

About NICE

NICE Ltd. (NASDAQ: NICE) software products are used by 25,000+ global businesses, including 85 of the Fortune 100 corporations, to deliver extraordinary customer experiences, fight financial crime, and ensure public safety. Every day, NICE software manages more than 120 million customer interactions and monitors 3+ billion financial transactions.

Known as an innovation powerhouse that excels in AI, cloud, and digital, NICE is consistently recognized as the market leader, with over 8,500 employees across 30+ countries.

NICE is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, age, sex, marital status, ancestry, neurotype, physical or mental disability, veteran status, gender identity, sexual orientation, or any other category protected by law.

#LI-Hybrid

Requisition ID: 10995 Reporting into: Manager, Information Security, CX

Role Type: Individual Contributor

About NiCE

NICE Ltd. (NASDAQ: NICE) software products are used by 25,000+ global businesses, including 85 of the Fortune 100 corporations, to deliver extraordinary customer experiences, fight financial crime and ensure public safety. Every day, NiCE software manages more than 120 million customer interactions and monitors 3+ billion financial transactions.

Known as an innovation powerhouse that excels in AI, cloud and digital, NiCE is consistently recognized as the market leader in its domains, with over 8,500 employees across 30+ countries.

NiCE is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, age, sex, marital status, ancestry, neurotype, physical or mental disability, veteran status, gender identity, sexual orientation or any other category protected by law.

At NiCE, we don’t limit our challenges. We challenge our limits. Always. We’re ambitious. We’re game changers. And we play to win. We set the highest standards and execute beyond them. And if you’re like us, we can offer you the ultimate career opportunity that will light a fire within you.

At NICE, we don’t limit our challenges. We challenge our limits. Always. We’re ambitious. We’re game changers. And we play to win. We set the highest standards and execute beyond them. And if you’re like us, we can offer you the ultimate career opportunity that will light a fire within you.

So, what’s the role all about?

The Information Security Analyst is primarily responsible for ensuring compliance with information security frameworks such as Cyber Essentials, Cyber Essentials Plus, ISO 27001, ISO 27701, ISO 42001, GDPR, and DORA. This role focuses on internal audits, regulatory compliance, and readiness for external audits while also contributing to Cybersecurity Operations Center (CSOC) activities, including incident monitoring and response.

How will you make an impact?

• Internal Audit Execution: Conduct internal audits to evaluate and enhance IT controls, compliance with standards, and risk management processes.
• Audit Preparation: Assist internal control owners in scoping appropriate evidence and preparing for external audits.
• Gap Assessments: Facilitate and/or conduct internal gap assessments and audit readiness evaluations for frameworks such as ISO 27001, GDPR, and DORA.
• Framework Tracking: Monitor updates to Cyber Essentials, ISO, and regulatory frameworks and ensure internal alignment.
• Control Documentation: Develop and maintain control narratives, walkthroughs, and documentation of compliance processes.
• Audit Findings: Identify control deficiencies and work with stakeholders to recommend cost-effective, value-added remediation actions.
• Compliance Reporting: Draft audit reports and present findings to management during status updates and closing meetings.
• External Audit Coordination: Collaborate with external audit teams to streamline processes and provide requested documentation and evidence.
• Security Monitoring: Use tools such as Rapid7 InsightIDR or other SIEM solutions to assist with security monitoring and incident detection.
• Incident Response Support: Participate in incident response efforts, documenting security incidents and assisting in containment and recovery actions.
• Threat Identification: Contribute to analyzing cybersecurity threats and implementing recommendations to improve the security posture.
• Policy and Procedure Development: Assist in creating and refining cybersecurity policies and operational procedures to align with audit and compliance objectives.
• Vulnerability Management: Support the tracking and remediation of vulnerabilities in coordination with IT and Security Operations teams.

Have you got what it takes?

• Strong expertise in audit and compliance frameworks, including ISO 27001, ISO 27701, ISO 42001, GDPR, DORA, Cyber Essentials, and Cyber Essentials Plus.

• Familiarity with CSOC tools such as Rapid7 InsightIDR or other SIEM solutions.

• Hands-on experience in internal and external audits, compliance assessments, and process improvement.

• Basic understanding of incident response frameworks and cybersecurity best practices.

• Exceptional analytical, organizational, and communication skills.

• Commitment to continuous learning and professional development in audit, compliance, and security.

You will have an advantage if you also have:

• A Master’s degree in Cybersecurity, Risk Management, or related fields is a plus.

• Certifications (preferred or required):

• Certified Information Systems Auditor (CISA)

• Certified Information Security Manager (CISM)

• Certified Information Systems Security Professional (CISSP)

• ISO 27001 Lead Auditor or Implementer

• Cyber Essentials Assessor (or equivalent)

• GIAC certifications (e.g., GIAC Certified Incident Handler - GCIH or GIAC Security Essentials - GSEC)

What’s in it for you?

Join an ever-growing, market disrupting, global company where the teams – comprised of the best of the best – work in a fast-paced, collaborative, and creative environment! As the market leader, every day at NICE is a chance to learn and grow, and there are endless internal career opportunities across multiple roles, disciplines, domains, and locations. If you are passionate, innovative, and excited to constantly raise the bar, you may just be our next NICEr!

Enjoy NICE-FLEX!

At NICE, we work according to the NICE-FLEX hybrid model, which enables maximum flexibility: 2 days working from the office and 3 days of remote work, each week. Naturally, office days focus on face-to-face meetings, where teamwork and collaborative thinking generate innovation, new ideas, and a vibrant, interactive atmosphere.

About NICE

NICE Ltd. (NASDAQ: NICE) software products are used by 25,000+ global businesses, including 85 of the Fortune 100 corporations, to deliver extraordinary customer experiences, fight financial crime and ensure public safety. Every day, NICE software manages more than 120 million customer interactions and monitors 3+ billion financial transactions.

Known as an innovation powerhouse that excels in AI, cloud and digital, NICE is consistently recognized as the market leader in its domains, with over 8,500 employees across 30+ countries.

NICE is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, age, sex, marital status, ancestry, neurotype, physical or mental disability, veteran status, gender identity, sexual orientation or any other category protected by law.

Requisition ID: 10993

Reporting into: Director Information

Role Type: Individual Contributor

About NiCE

NICE Ltd. (NASDAQ: NICE) software products are used by 25,000+ global businesses, including 85 of the Fortune 100 corporations, to deliver extraordinary customer experiences, fight financial crime and ensure public safety. Every day, NiCE software manages more than 120 million customer interactions and monitors 3+ billion financial transactions.

Known as an innovation powerhouse that excels in AI, cloud and digital, NiCE is consistently recognized as the market leader in its domains, with over 8,500 employees across 30+ countries.

NiCE is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, age, sex, marital status, ancestry, neurotype, physical or mental disability, veteran status, gender identity, sexual orientation or any other category protected by law.

Set a new pulse for healthcare!

We are looking for a Senior Security Engineer to join the SecOps team at Doctolib.

Your mission will be to protect the infrastructure, identities, devices and platform that millions of patients and hundreds of thousands of health professionals rely on every day. You will work hands-on across the full corporate IT security perimeter (identity, endpoint, SaaS, network and cloud) in a highly regulated environment (HDS, ISO 27001, C5) where security directly impacts patient safety and trust in the healthcare system.

Working in the tech team at Doctolib means building innovative products and features to improve the daily lives of care teams and patients.

What you’ll do

Your responsibilities include but are not limited to:

• Design and ship security changes as code, reviewed in pull requests like any production change, across our identity, endpoint, SaaS and network security stack
• Build detections, dashboards and automated responses on top of our SIEM (Elastic), writing queries and continuously tuning alert quality
• Drive corporate IT security programs from architecture to enforcement spanning Entra ID, CrowdStrike, Wiz, and Cloudflare
• Investigate security incidents end-to-end and iterate on playbooks with each resolution cycle
• Write proposals and run cross-team change management on major security initiatives, ensuring robust communication with stakeholders
• Mentor junior engineers and contribute to platform security topics when initiatives span both the corporate and product perimeters

Who you are

Before you read on: if you don’t have the exact profile described below, but you feel this job description matches your skill set, we still encourage you to apply.

You’ll be a great fit if you:

• Have 5+ years of hands-on experience in corporate, including at least 2 years at a senior level, with end-to-end ownership of multiple security domains (identity, endpoint, SaaS, network or detection) in production
• Have strong daily mastery of GitHub, Terraform and AI coding assistants (Claude or equivalent) — you ship security work as code reviewed in PRs, and you use AI agents as a structural part of your workflow, not as an occasional helper
• Have a solid detection engineering and SIEM background, and are comfortable writing queries and tuning alerts independently
• Bring a pragmatic mindset and strong written communication skills, with the ability to make decisions under uncertainty and follow through on complex, cross-team initiatives
• Are fluent in English (primary written working language); daily team conversations happen mostly in French, so being a French speaker or willing to learn is a strong plus

It would be fantastic if you:

• Have curiosity for platform security topics (cloud, Kubernetes, supply chain) and a willingness to contribute beyond your core corporate IT perimeter
• Bring prior experience in a regulated industry such as healthcare, fintech or the public sector

Life at Doctolib Tech

• Our solutions are built on a single fully cloud-native platform that supports web and mobile app interfaces, multiple languages, and is adapted to country and healthcare specialty requirements.
• Our stack is composed of Rails, TypeScript, Java, Python, Kotlin, Swift, and React Native.
• We leverage AI ethically across our products to empower patients and health professionals. Discover our AI vision here.

Want to learn more about our tech culture and environment? Visit the Doctolib Tech site .

What we offer

• Free comprehensive health insurance (basic package) for you and your children
• 25 days of paid vacation per year, plus up to 14 days of RTT
• Free mental health and coaching services through our partner Moka.care
• Work from abroad for up to 10 days per year thanks to our flexibility days policy
• Lunch vouchers (Swile card) worth €8.50 per working day, with €4.50 covered by Doctolib
• A subsidy from the work council to refund part of the membership to a sport club or a creative class
• 50% reimbursement of your public transport subscription
• Parent Care Program: receive one additional month of leave on top of the legal parental leave
• Enrollment in Doctolib’s long-term employee value sharing plan called DoctoGrowth
• For caregivers and workers with disabilities, a package including an adaptation of the remote policy, extra days off for medical reasons, and psychological support
• Relocation support in case of international mobility
• Access to the best AI tools for coding, development and dedicated training

Our interview process

• TA Screening
• Technical Deep Dive with a take-home case study and debrief session
• Behavioral Interview
• Final Conversation with the Head of SecOps
• At least one reference check

We want your experience to be clear, respectful, and transparent. Learn more about our hiring process on our candidate experience page.

Job details

• Permanent position
• Tech stack: Elastic, Entra ID, CrowdStrike, Wiz, Cloudflare, GitHub, Terraform
• Full-time
• Paris, France
• Hybrid work setup (up to 2 remote days per week)
• Start date: as soon as possible

We welcome everyone

At Doctolib, we are committed to improving access to healthcare for everyone. This translates into our recruitment process. We evaluate candidates based solely on qualifications and motivation, without any form of discrimination.

The more diverse ideas are heard, the more our product will truly improve healthcare for all. You are welcome to apply to Doctolib, regardless of your gender, religion, age, sexual orientation, ethnicity, or disability.

To ensure equal opportunities, we invite you to exclude personal information (e.g., pictures, age) from your applications. If you require any accommodation, please let us know for support during the hiring process.

Join us in building the healthcare we all dream of!

Your data privacy

All information provided is processed by Doctolib for application management. For data processing details, click here: France . Please contact hr.dataprivacy(at)doctolib.com for inquiries or to exercise your rights.

At NiCE, we don’t limit our challenges. We challenge our limits. Always. We’re ambitious. We’re game changers. And we play to win. We set the highest standards and execute beyond them. And if you’re like us, we can offer you the ultimate career opportunity that will light a fire within you.

Information Security Engineer

At NICE, we don’t limit our challenges. We challenge our limits. Always. We’re ambitious. We’re game changers. And we play to win. We set the highest standards and execute beyond them. And if you’re like us, we can offer you the ultimate career opportunity that will light a fire within you.

So, what’s the role all about?

The Information Security Engineer will assist in implementing and administering initiatives implemented by InfoSec, including security initiatives mandated by regulatory and compliance requirements. This position will be responsible for ensuring that regular housekeeping activities are performed to maintain and monitor processes and systems.

The role ensures that both Corporate and Production services are managed according to company policies, processes, and compliance and regulatory requirements.

How will you make an impact?

• Create, manage, and respond to security incidents and conduct analysis in accordance with existing processes and company security policies
• Installation, configuration, and administration of information security tools such as, but not limited to, endpoint protection, SIEM, XDR, WAF, vulnerability scanners, and DLP
• Troubleshoot and resolve technical issues related to security tools and security processes
• Coordinate with third-party vendors
• Assist with internal and external audits associated with regulatory and compliance requirements
• Provide formal notification to Information Security leadership when changes are planned that may impact the approved security posture of NICE CX or the associated certification and accreditation
• Review and recommend improvements to information security processes
• Ensure regular housekeeping activities are performed to maintain system integrity and monitoring

Have you got what it takes?

• Knowledge of basic information security principles and theories
• A minimum of 3 years working in IT and data networks
• A minimum of 3 years working in Security Operations
• Good English communication skills
• Proven track record of solving problems
• Good organization and project management skills
• Advanced computer skills in desktop applications
• Possess excellent analytic skills including numbers, patterns, processes, and data flow
• Self-starter who can function without constant oversight

You will have an advantage if you also have:

• Proficient with Microsoft Applications
• Holder of COMPTIA Security+, CISA, CISSP, SSCP, CCSK, or related certification
• Knowledge of GDPR, PCI, SOC 2, FedRAMP, IRAP, and HIPAA compliance regulations

What you need to know

• This job is not intended to be all-inclusive, and employees will also perform other reasonable related business duties as assigned
• This organization reserves the right to revise or change job duties as the need arises
• This job may require overtime, including nighttime, early morning, and weekend hours
• This job may require on-call availability

What’s in it for you?

Learn more about the Benefits at NICE

Join an ever-growing, market-disrupting, global company where the teams – comprised of the best of the best – work in a fast-paced, collaborative, and creative environment! As the market leader, every day at NICE is a chance to learn and grow, and there are endless internal career opportunities across multiple roles, disciplines, domains, and locations. If you are passionate, innovative, and excited to constantly raise the bar, you may just be our next NICEr!

About NICE

NICE Ltd. (NASDAQ: NICE) software products are used by 25,000+ global businesses, including 85 of the Fortune 100 corporations, to deliver extraordinary customer experiences, fight financial crime, and ensure public safety. Every day, NICE software manages more than 120 million customer interactions and monitors 3+ billion financial transactions.

Known as an innovation powerhouse that excels in AI, cloud, and digital, NICE is consistently recognized as the market leader, with over 8,500 employees across 30+ countries.

NICE is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, age, sex, marital status, ancestry, neurotype, physical or mental disability, veteran status, gender identity, sexual orientation, or any other category protected by law.

#LI-Hybrid

Requisition ID: 10994 Reporting into: Manager, Information Security, CX

Role Type: Individual Contributor

About NiCE

NICE Ltd. (NASDAQ: NICE) software products are used by 25,000+ global businesses, including 85 of the Fortune 100 corporations, to deliver extraordinary customer experiences, fight financial crime and ensure public safety. Every day, NiCE software manages more than 120 million customer interactions and monitors 3+ billion financial transactions.

Known as an innovation powerhouse that excels in AI, cloud and digital, NiCE is consistently recognized as the market leader in its domains, with over 8,500 employees across 30+ countries.

NiCE is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, age, sex, marital status, ancestry, neurotype, physical or mental disability, veteran status, gender identity, sexual orientation or any other category protected by law.

At NiCE, we don’t limit our challenges. We challenge our limits. Always. We’re ambitious. We’re game changers. And we play to win. We set the highest standards and execute beyond them. And if you’re like us, we can offer you the ultimate career opportunity that will light a fire within you.

Information Security Engineer

At NICE, we don’t limit our challenges. We challenge our limits. Always. We’re ambitious. We’re game changers. And we play to win. We set the highest standards and execute beyond them. And if you’re like us, we can offer you the ultimate career opportunity that will light a fire within you.

So, what’s the role all about?

The Information Security Engineer will assist in implementing and administering initiatives implemented by InfoSec, including security initiatives mandated by regulatory and compliance requirements. This position will be responsible for ensuring that regular housekeeping activities are performed to maintain and monitor processes and systems.

The role ensures that both Corporate and Production services are managed according to company policies, processes, and compliance and regulatory requirements.

How will you make an impact?

• Create, manage, and respond to security incidents and conduct analysis in accordance with existing processes and company security policies
• Installation, configuration, and administration of information security tools such as, but not limited to, endpoint protection, SIEM, XDR, WAF, vulnerability scanners, and DLP
• Troubleshoot and resolve technical issues related to security tools and security processes
• Coordinate with third-party vendors
• Assist with internal and external audits associated with regulatory and compliance requirements
• Provide formal notification to Information Security leadership when changes are planned that may impact the approved security posture of NICE CX or the associated certification and accreditation
• Review and recommend improvements to information security processes
• Ensure regular housekeeping activities are performed to maintain system integrity and monitoring

Have you got what it takes?

• Knowledge of basic information security principles and theories
• A minimum of 3 years working in IT and data networks
• A minimum of 3 years working in Security Operations
• Good English communication skills
• Proven track record of solving problems
• Good organization and project management skills
• Advanced computer skills in desktop applications
• Possess excellent analytic skills including numbers, patterns, processes, and data flow
• Self-starter who can function without constant oversight

You will have an advantage if you also have:

• Proficient with Microsoft Applications
• Holder of COMPTIA Security+, CISA, CISSP, SSCP, CCSK, or related certification
• Knowledge of GDPR, PCI, SOC 2, FedRAMP, IRAP, and HIPAA compliance regulations

What you need to know

• This job is not intended to be all-inclusive, and employees will also perform other reasonable related business duties as assigned
• This organization reserves the right to revise or change job duties as the need arises
• This job may require overtime, including nighttime, early morning, and weekend hours
• This job may require on-call availability

What’s in it for you?

Learn more about the Benefits at NICE

Join an ever-growing, market-disrupting, global company where the teams – comprised of the best of the best – work in a fast-paced, collaborative, and creative environment! As the market leader, every day at NICE is a chance to learn and grow, and there are endless internal career opportunities across multiple roles, disciplines, domains, and locations. If you are passionate, innovative, and excited to constantly raise the bar, you may just be our next NICEr!

About NICE

NICE Ltd. (NASDAQ: NICE) software products are used by 25,000+ global businesses, including 85 of the Fortune 100 corporations, to deliver extraordinary customer experiences, fight financial crime, and ensure public safety. Every day, NICE software manages more than 120 million customer interactions and monitors 3+ billion financial transactions.

Known as an innovation powerhouse that excels in AI, cloud, and digital, NICE is consistently recognized as the market leader, with over 8,500 employees across 30+ countries.

NICE is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, age, sex, marital status, ancestry, neurotype, physical or mental disability, veteran status, gender identity, sexual orientation, or any other category protected by law.

#LI-Hybrid

Requisition ID: 10995 Reporting into: Manager, Information Security, CX

Role Type: Individual Contributor

About NiCE

NICE Ltd. (NASDAQ: NICE) software products are used by 25,000+ global businesses, including 85 of the Fortune 100 corporations, to deliver extraordinary customer experiences, fight financial crime and ensure public safety. Every day, NiCE software manages more than 120 million customer interactions and monitors 3+ billion financial transactions.

Known as an innovation powerhouse that excels in AI, cloud and digital, NiCE is consistently recognized as the market leader in its domains, with over 8,500 employees across 30+ countries.

NiCE is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, age, sex, marital status, ancestry, neurotype, physical or mental disability, veteran status, gender identity, sexual orientation or any other category protected by law.

At NiCE, we don’t limit our challenges. We challenge our limits. Always. We’re ambitious. We’re game changers. And we play to win. We set the highest standards and execute beyond them. And if you’re like us, we can offer you the ultimate career opportunity that will light a fire within you.

At NICE, we don’t limit our challenges. We challenge our limits. Always. We’re ambitious. We’re game changers. And we play to win. We set the highest standards and execute beyond them. And if you’re like us, we can offer you the ultimate career opportunity that will light a fire within you.

So, what’s the role all about?

The Information Security Analyst is primarily responsible for ensuring compliance with information security frameworks such as Cyber Essentials, Cyber Essentials Plus, ISO 27001, ISO 27701, ISO 42001, GDPR, and DORA. This role focuses on internal audits, regulatory compliance, and readiness for external audits while also contributing to Cybersecurity Operations Center (CSOC) activities, including incident monitoring and response.

How will you make an impact?

• Internal Audit Execution: Conduct internal audits to evaluate and enhance IT controls, compliance with standards, and risk management processes.
• Audit Preparation: Assist internal control owners in scoping appropriate evidence and preparing for external audits.
• Gap Assessments: Facilitate and/or conduct internal gap assessments and audit readiness evaluations for frameworks such as ISO 27001, GDPR, and DORA.
• Framework Tracking: Monitor updates to Cyber Essentials, ISO, and regulatory frameworks and ensure internal alignment.
• Control Documentation: Develop and maintain control narratives, walkthroughs, and documentation of compliance processes.
• Audit Findings: Identify control deficiencies and work with stakeholders to recommend cost-effective, value-added remediation actions.
• Compliance Reporting: Draft audit reports and present findings to management during status updates and closing meetings.
• External Audit Coordination: Collaborate with external audit teams to streamline processes and provide requested documentation and evidence.
• Security Monitoring: Use tools such as Rapid7 InsightIDR or other SIEM solutions to assist with security monitoring and incident detection.
• Incident Response Support: Participate in incident response efforts, documenting security incidents and assisting in containment and recovery actions.
• Threat Identification: Contribute to analyzing cybersecurity threats and implementing recommendations to improve the security posture.
• Policy and Procedure Development: Assist in creating and refining cybersecurity policies and operational procedures to align with audit and compliance objectives.
• Vulnerability Management: Support the tracking and remediation of vulnerabilities in coordination with IT and Security Operations teams.

Have you got what it takes?

• Strong expertise in audit and compliance frameworks, including ISO 27001, ISO 27701, ISO 42001, GDPR, DORA, Cyber Essentials, and Cyber Essentials Plus.

• Familiarity with CSOC tools such as Rapid7 InsightIDR or other SIEM solutions.

• Hands-on experience in internal and external audits, compliance assessments, and process improvement.

• Basic understanding of incident response frameworks and cybersecurity best practices.

• Exceptional analytical, organizational, and communication skills.

• Commitment to continuous learning and professional development in audit, compliance, and security.

You will have an advantage if you also have:

• A Master’s degree in Cybersecurity, Risk Management, or related fields is a plus.

• Certifications (preferred or required):

• Certified Information Systems Auditor (CISA)

• Certified Information Security Manager (CISM)

• Certified Information Systems Security Professional (CISSP)

• ISO 27001 Lead Auditor or Implementer

• Cyber Essentials Assessor (or equivalent)

• GIAC certifications (e.g., GIAC Certified Incident Handler - GCIH or GIAC Security Essentials - GSEC)

What’s in it for you?

Join an ever-growing, market disrupting, global company where the teams – comprised of the best of the best – work in a fast-paced, collaborative, and creative environment! As the market leader, every day at NICE is a chance to learn and grow, and there are endless internal career opportunities across multiple roles, disciplines, domains, and locations. If you are passionate, innovative, and excited to constantly raise the bar, you may just be our next NICEr!

Enjoy NICE-FLEX!

At NICE, we work according to the NICE-FLEX hybrid model, which enables maximum flexibility: 2 days working from the office and 3 days of remote work, each week. Naturally, office days focus on face-to-face meetings, where teamwork and collaborative thinking generate innovation, new ideas, and a vibrant, interactive atmosphere.

About NICE

NICE Ltd. (NASDAQ: NICE) software products are used by 25,000+ global businesses, including 85 of the Fortune 100 corporations, to deliver extraordinary customer experiences, fight financial crime and ensure public safety. Every day, NICE software manages more than 120 million customer interactions and monitors 3+ billion financial transactions.

Known as an innovation powerhouse that excels in AI, cloud and digital, NICE is consistently recognized as the market leader in its domains, with over 8,500 employees across 30+ countries.

NICE is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, age, sex, marital status, ancestry, neurotype, physical or mental disability, veteran status, gender identity, sexual orientation or any other category protected by law.

Requisition ID: 10993

Reporting into: Director Information

Role Type: Individual Contributor

About NiCE

NICE Ltd. (NASDAQ: NICE) software products are used by 25,000+ global businesses, including 85 of the Fortune 100 corporations, to deliver extraordinary customer experiences, fight financial crime and ensure public safety. Every day, NiCE software manages more than 120 million customer interactions and monitors 3+ billion financial transactions.

Known as an innovation powerhouse that excels in AI, cloud and digital, NiCE is consistently recognized as the market leader in its domains, with over 8,500 employees across 30+ countries.

NiCE is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, age, sex, marital status, ancestry, neurotype, physical or mental disability, veteran status, gender identity, sexual orientation or any other category protected by law.

A platform you can believe in: Immersive One is the leading cyber resilience solution across the globe.

Build and scale a best in class platform alongside a team of the brightest minds in cybersecurity! At Immersive, we’re uniquely positioned to future-proof organizations against any cyber challenge. If that excites you, read on!

Immersive helps prove and improve your cyber resilience, by simulating real-world threats, testing your skills, and measuring performance. We put your readiness to the ultimate test. From sharpening technical capabilities to making high-pressure decisions, our platform allows you to assess every angle, pinpoint areas for growth, and prove your ability to tackle evolving threats with unwavering confidence.

https://www.immersivelabs.com/why-immersive-labs

Immersive was founded in 2017, from a cargo container in Bristol, UK we’ve grown to over 300 employees globally, announced funding of more than £150 million and been voted a Best place to work on multiple occasions!

https://www.immersivelabs.com/company/our-story

Cyber Security Engineer - Red Team

Immersive is hiring! Could you be our next Cyber Security Engineer?

Due to customer demand and increasing maturity within our platform we have an exciting and challenging opportunity for an experienced cyber professional within the offensive security sector - with expertise in conducting red team engagements - to join our Product team as Cyber Security Engineer - Red Team.

If successful you will join our Cyber team working closely with our Cyber Team Leads as we embark on this exciting new phase of product development within our market leading cyber resilience platform.

This isn’t an ordinary red team role - we know everyone claims this and will tell you their role is super unique…but this one really is.

You are constantly researching, learning, totally geeking out on all things offensive security related, from red teaming, to the latest AI driven attacks, and then taking that knowledge and creating labs and ranges.

You will be a key player in our Red Team Content team, shaping and influencing the roll out of our offensive security and AI pen test content roadmap, simulating attack paths and helping train our users to counter the latest threats.

You will be educating the world of offensive security professionals on how to make sure they are secure in what they do. Now that is a pretty cool legacy to leave behind.

Your mission (if you choose to accept it) is to evolve and disrupt within the Red Team space by creating emulated environments within our platform that will simulate both hacking and defending in an engaging and intuitive way for our community.

You will design, build and deliver practical and theory content to gamify offensive security and make it engaging and fun for the end user. You’ll shake up traditional training and teach complex concepts in an innovative way.

If you have an interest in and passion for cyber security, are experienced in the area of offensive security, and want to disrupt how employees build their resilience against the latest threats we will appreciate your input and give you the space to innovate within our market leading platform, Immersive One.

Your main responsibilities (we’re scaling fast, so these may change as we grow):

• Utilising knowledge of pen test and red teaming engagements and techniques to plan, write and improve offensive security labs, challenges and online learning content on the Immersive One platform.

• Produce multi-format content utilising various teaching methods; practical exercises, questions & gamification

• Test Red Team labs and ranges to ensure they function as expected

• Research vulnerabilities, tools and offensive tactics and compile this research to deliver practical and theory labs to users

• Compile technical research into understandable concise content for both technical and non-technical audience

• Work with the wider Product team on new projects and product innovations and how best to deploy them

Sounds good? We’d love to hear from you if you have proven experience in the following areas:

• A number of years of experience working in offensive security as a penetration tester or as a Offensive Security Consultant

• In-depth knowledge of the MITRE ATT&CK framework and how it is used to help enterprises deal with threats to their organisation.

• Have a strong technical understanding of networking, computing and cyber security concepts

• Have the ability to use examples and analogies to simplify complex subjects - your content will train real world users to identify and combat the latest threats so you need to be able to inhabit the mindset of your target audience to create realistic simulations

• Familiarity with Linux, Docker and Python would be beneficial

• Attitude and approach is just as important as technical skills for this role - you will be someone who enjoys tackling complex problems and finding the solution. You’ll be a natural problem solver and ‘tinkerer’ who enjoys prototyping and iteration.

Immersive’s growth has been fuelled by our values that underpin everything we do, here’s how they relate to this role:

• Driven - We push the boundaries of innovation, acting swiftly to achieve ambitious outcomes. Our drive embodies a culture of ambition, where challenges are stepping stones to excellence.

• Inclusive - Our strength lies in diversity, fostering a culture where every individual contributes to our collective strength. We champion open dialogue and empathy, ensuring a collaborative, inclusive workplace.

• Customer Centric - We seek to develop deep relationships with our customers to help them achieve their business outcomes. We exceed our customers and partners’ expectations by crafting products, services and experiences that surprise, delight and ensure they feel valued and supported every day.

• One Team - We are a talented global team working together to achieve our vision. Central to our ethos, resilience means adapting and thriving in adversity. It guides our innovation, ensuring we and our clients are prepared for the future.

We encourage people of all different backgrounds and identities to apply. We are committed to maintaining an inclusive, supportive place for you to be you and do your very best work. Excited by the above? We’re ready to receive your application!

As well as an inclusive, supportive place for you to be you. We offer an extensive range of benefits so you can do your very best work:

• Time off, flexible and remote working so you can work when is best for you, includes 25 days annual leave + 2 volunteering days and your birthday off

• The longer you are with Immersive, the more holiday days you get, up to a maximum of 30 days after five years of service

• Look after your family and yourself with enhanced parental leave, mindfulness groups, critical illness cover, 7% matched pension, private healthcare plan and more

• Career and learning development through the platform, a dedicated professional development fund and our ‘Learn Anything’ fund - which enables you to learn anything that’s not work!

• Recognition & Rewards for doing great work and living our values and behaviours

• Informal or formal flexible working options, e.g. flexible start and finish times, reduced hours

• We have a vibrant team culture with team events throughout the year. Our socials have included everything from pottery painting and paper mask making, to dungeons and dragons!

• When you do visit the UK hub, getting there is easy: we’re based in the centre of Bristol, just a 10 minute walk from the train station. We also offer railcard loan and cycle scheme to buy a new bike

Find out more about life at Immersive Labs https://careers.immersivelabs.com

Cyber threats wait for no one and neither should you. Apply now!

If you would like to read more about what you can expect from our recruitment process, you can visit our dedicated interview process page.

A platform you can believe in: Immersive One is the leading cyber resilience solution across the globe.

Build and scale a best in class platform alongside a team of the brightest minds in cybersecurity! At Immersive, we’re uniquely positioned to future-proof organizations against any cyber challenge. If that excites you, read on!

Immersive helps prove and improve your cyber resilience, by simulating real-world threats, testing your skills, and measuring performance. We put your readiness to the ultimate test. From sharpening technical capabilities to making high-pressure decisions, our platform allows you to assess every angle, pinpoint areas for growth, and prove your ability to tackle evolving threats with unwavering confidence.

https://www.immersivelabs.com/why-immersive-labs

Immersive was founded in 2017, from a cargo container in Bristol, UK we’ve grown to over 300 employees globally, announced funding of more than £150 million and been voted a Best place to work on multiple occasions!

https://www.immersivelabs.com/company/our-story

Cyber Security Engineer - Red Team

Immersive is hiring! Could you be our next Cyber Security Engineer?

Due to customer demand and increasing maturity within our platform we have an exciting and challenging opportunity for an experienced cyber professional within the offensive security sector - with expertise in conducting red team engagements - to join our Product team as Cyber Security Engineer - Red Team.

If successful you will join our Cyber team working closely with our Cyber Team Leads as we embark on this exciting new phase of product development within our market leading cyber resilience platform.

This isn’t an ordinary red team role - we know everyone claims this and will tell you their role is super unique…but this one really is.

You are constantly researching, learning, totally geeking out on all things offensive security related, from red teaming, to the latest AI driven attacks, and then taking that knowledge and creating labs and ranges.

You will be a key player in our Red Team Content team, shaping and influencing the roll out of our offensive security and AI pen test content roadmap, simulating attack paths and helping train our users to counter the latest threats.

You will be educating the world of offensive security professionals on how to make sure they are secure in what they do. Now that is a pretty cool legacy to leave behind.

Your mission (if you choose to accept it) is to evolve and disrupt within the Red Team space by creating emulated environments within our platform that will simulate both hacking and defending in an engaging and intuitive way for our community.

You will design, build and deliver practical and theory content to gamify offensive security and make it engaging and fun for the end user. You’ll shake up traditional training and teach complex concepts in an innovative way.

If you have an interest in and passion for cyber security, are experienced in the area of offensive security, and want to disrupt how employees build their resilience against the latest threats we will appreciate your input and give you the space to innovate within our market leading platform, Immersive One.

Your main responsibilities (we’re scaling fast, so these may change as we grow):

• Utilising knowledge of pen test and red teaming engagements and techniques to plan, write and improve offensive security labs, challenges and online learning content on the Immersive One platform.

• Produce multi-format content utilising various teaching methods; practical exercises, questions & gamification

• Test Red Team labs and ranges to ensure they function as expected

• Research vulnerabilities, tools and offensive tactics and compile this research to deliver practical and theory labs to users

• Compile technical research into understandable concise content for both technical and non-technical audience

• Work with the wider Product team on new projects and product innovations and how best to deploy them

Sounds good? We’d love to hear from you if you have proven experience in the following areas:

• A number of years of experience working in offensive security as a penetration tester or as a Offensive Security Consultant

• In-depth knowledge of the MITRE ATT&CK framework and how it is used to help enterprises deal with threats to their organisation.

• Have a strong technical understanding of networking, computing and cyber security concepts

• Have the ability to use examples and analogies to simplify complex subjects - your content will train real world users to identify and combat the latest threats so you need to be able to inhabit the mindset of your target audience to create realistic simulations

• Familiarity with Linux, Docker and Python would be beneficial

• Attitude and approach is just as important as technical skills for this role - you will be someone who enjoys tackling complex problems and finding the solution. You’ll be a natural problem solver and ‘tinkerer’ who enjoys prototyping and iteration.

Immersive’s growth has been fuelled by our values that underpin everything we do, here’s how they relate to this role:

• Driven - We push the boundaries of innovation, acting swiftly to achieve ambitious outcomes. Our drive embodies a culture of ambition, where challenges are stepping stones to excellence.

• Inclusive - Our strength lies in diversity, fostering a culture where every individual contributes to our collective strength. We champion open dialogue and empathy, ensuring a collaborative, inclusive workplace.

• Customer Centric - We seek to develop deep relationships with our customers to help them achieve their business outcomes. We exceed our customers and partners’ expectations by crafting products, services and experiences that surprise, delight and ensure they feel valued and supported every day.

• One Team - We are a talented global team working together to achieve our vision. Central to our ethos, resilience means adapting and thriving in adversity. It guides our innovation, ensuring we and our clients are prepared for the future.

We encourage people of all different backgrounds and identities to apply. We are committed to maintaining an inclusive, supportive place for you to be you and do your very best work. Excited by the above? We’re ready to receive your application!

As well as an inclusive, supportive place for you to be you. We offer an extensive range of benefits so you can do your very best work:

• Time off, flexible and remote working so you can work when is best for you, includes 25 days annual leave + 2 volunteering days and your birthday off

• The longer you are with Immersive, the more holiday days you get, up to a maximum of 30 days after five years of service

• Look after your family and yourself with enhanced parental leave, mindfulness groups, critical illness cover, 7% matched pension, private healthcare plan and more

• Career and learning development through the platform, a dedicated professional development fund and our ‘Learn Anything’ fund - which enables you to learn anything that’s not work!

• Recognition & Rewards for doing great work and living our values and behaviours

• Informal or formal flexible working options, e.g. flexible start and finish times, reduced hours

• We have a vibrant team culture with team events throughout the year. Our socials have included everything from pottery painting and paper mask making, to dungeons and dragons!

• When you do visit the UK hub, getting there is easy: we’re based in the centre of Bristol, just a 10 minute walk from the train station. We also offer railcard loan and cycle scheme to buy a new bike

Find out more about life at Immersive Labs https://careers.immersivelabs.com

Cyber threats wait for no one and neither should you. Apply now!

If you would like to read more about what you can expect from our recruitment process, you can visit our dedicated interview process page.

A platform you can believe in: Immersive One is the leading cyber resilience solution across the globe.

Build and scale a best in class platform alongside a team of the brightest minds in cybersecurity! At Immersive, we’re uniquely positioned to future-proof organizations against any cyber challenge. If that excites you, read on!

Immersive helps prove and improve your cyber resilience, by simulating real-world threats, testing your skills, and measuring performance. We put your readiness to the ultimate test. From sharpening technical capabilities to making high-pressure decisions, our platform allows you to assess every angle, pinpoint areas for growth, and prove your ability to tackle evolving threats with unwavering confidence.

https://www.immersivelabs.com/why-immersive-labs

Immersive was founded in 2017, from a cargo container in Bristol, UK we’ve grown to over 300 employees globally, announced funding of more than £150 million and been voted a Best place to work on multiple occasions!

https://www.immersivelabs.com/company/our-story

Cyber Security Engineer - Red Team

Immersive is hiring! Could you be our next Cyber Security Engineer?

Due to customer demand and increasing maturity within our platform we have an exciting and challenging opportunity for an experienced cyber professional within the offensive security sector - with expertise in conducting red team engagements - to join our Product team as Cyber Security Engineer - Red Team.

If successful you will join our Cyber team working closely with our Cyber Team Leads as we embark on this exciting new phase of product development within our market leading cyber resilience platform.

This isn’t an ordinary red team role - we know everyone claims this and will tell you their role is super unique…but this one really is.

You are constantly researching, learning, totally geeking out on all things offensive security related, from red teaming, to the latest AI driven attacks, and then taking that knowledge and creating labs and ranges.

You will be a key player in our Red Team Content team, shaping and influencing the roll out of our offensive security and AI pen test content roadmap, simulating attack paths and helping train our users to counter the latest threats.

You will be educating the world of offensive security professionals on how to make sure they are secure in what they do. Now that is a pretty cool legacy to leave behind.

Your mission (if you choose to accept it) is to evolve and disrupt within the Red Team space by creating emulated environments within our platform that will simulate both hacking and defending in an engaging and intuitive way for our community.

You will design, build and deliver practical and theory content to gamify offensive security and make it engaging and fun for the end user. You’ll shake up traditional training and teach complex concepts in an innovative way.

If you have an interest in and passion for cyber security, are experienced in the area of offensive security, and want to disrupt how employees build their resilience against the latest threats we will appreciate your input and give you the space to innovate within our market leading platform, Immersive One.

Your main responsibilities (we’re scaling fast, so these may change as we grow):

• Utilising knowledge of pen test and red teaming engagements and techniques to plan, write and improve offensive security labs, challenges and online learning content on the Immersive One platform.

• Produce multi-format content utilising various teaching methods; practical exercises, questions & gamification

• Test Red Team labs and ranges to ensure they function as expected

• Research vulnerabilities, tools and offensive tactics and compile this research to deliver practical and theory labs to users

• Compile technical research into understandable concise content for both technical and non-technical audience

• Work with the wider Product team on new projects and product innovations and how best to deploy them

Sounds good? We’d love to hear from you if you have proven experience in the following areas:

• A number of years of experience working in offensive security as a penetration tester or as a Offensive Security Consultant

• In-depth knowledge of the MITRE ATT&CK framework and how it is used to help enterprises deal with threats to their organisation.

• Have a strong technical understanding of networking, computing and cyber security concepts

• Have the ability to use examples and analogies to simplify complex subjects - your content will train real world users to identify and combat the latest threats so you need to be able to inhabit the mindset of your target audience to create realistic simulations

• Familiarity with Linux, Docker and Python would be beneficial

• Attitude and approach is just as important as technical skills for this role - you will be someone who enjoys tackling complex problems and finding the solution. You’ll be a natural problem solver and ‘tinkerer’ who enjoys prototyping and iteration.

Immersive’s growth has been fuelled by our values that underpin everything we do, here’s how they relate to this role:

• Driven - We push the boundaries of innovation, acting swiftly to achieve ambitious outcomes. Our drive embodies a culture of ambition, where challenges are stepping stones to excellence.

• Inclusive - Our strength lies in diversity, fostering a culture where every individual contributes to our collective strength. We champion open dialogue and empathy, ensuring a collaborative, inclusive workplace.

• Customer Centric - We seek to develop deep relationships with our customers to help them achieve their business outcomes. We exceed our customers and partners’ expectations by crafting products, services and experiences that surprise, delight and ensure they feel valued and supported every day.

• One Team - We are a talented global team working together to achieve our vision. Central to our ethos, resilience means adapting and thriving in adversity. It guides our innovation, ensuring we and our clients are prepared for the future.

We encourage people of all different backgrounds and identities to apply. We are committed to maintaining an inclusive, supportive place for you to be you and do your very best work. Excited by the above? We’re ready to receive your application!

As well as an inclusive, supportive place for you to be you. We offer an extensive range of benefits so you can do your very best work:

• Time off, flexible and remote working so you can work when is best for you, includes 25 days annual leave + 2 volunteering days and your birthday off

• The longer you are with Immersive, the more holiday days you get, up to a maximum of 30 days after five years of service

• Look after your family and yourself with enhanced parental leave, mindfulness groups, critical illness cover, 7% matched pension, private healthcare plan and more

• Career and learning development through the platform, a dedicated professional development fund and our ‘Learn Anything’ fund - which enables you to learn anything that’s not work!

• Recognition & Rewards for doing great work and living our values and behaviours

• Informal or formal flexible working options, e.g. flexible start and finish times, reduced hours

• We have a vibrant team culture with team events throughout the year. Our socials have included everything from pottery painting and paper mask making, to dungeons and dragons!

• When you do visit the UK hub, getting there is easy: we’re based in the centre of Bristol, just a 10 minute walk from the train station. We also offer railcard loan and cycle scheme to buy a new bike

Find out more about life at Immersive Labs https://careers.immersivelabs.com

Cyber threats wait for no one and neither should you. Apply now!

If you would like to read more about what you can expect from our recruitment process, you can visit our dedicated interview process page.

About Us Temporal is an open source programming model that can simplify code, make applications more reliable, and help developers focus on the important things like delivering features faster. We...

SupportYourApp is an international Intelligent Support-as-a-Service company that has been providing business process outsourcing services to other IT companies around the globe (technical and customer support, services to improve customer...

About the RoleHopper’s Security team is small by design and consequential by impact- and this role sits at the centre of it. As a Senior Security Engineer, you’ll own the...

About the RoleHopper’s Security team is small by design and consequential by impact- and this role sits at the centre of it. As a Senior Security Engineer, you’ll own the...

Chainguard is the trusted source for open source. By delivering hardened, secure, and production-ready builds of all the open source software engineers and AI agents rely on, Chainguard helps organizations...

GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation’s top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk.

Required Experience:

• Proficiency with the implementation, operationalization, and troubleshooting of Static Application Security Testing (SAST) tools such as Semgrep, Snyk, CodeQL, Checkmarx, Veracode, etc.
• Understanding of Continuous Integration / Continuous Delivery (CI/CD) pipeline tools and processes (e.g. GitHub Actions, GitLab Runners, Azure DevOps, Jenkins, CircleCI, etc.)
• Experience in software engineering, ideally full stack software development, including modern technologies and application architectures
• Strong scripting and automation experience using one or more programming languages
• Solid working knowledge of application security fundamentals including the OWASP Top 10, threat modeling, and implementing secure coding practices throughout the Software Development Lifecycle (SDLC)
• Excellent written and verbal communication skills

Preferred:

• Experience writing or adapting custom SAST rules (Semgrep or CodeQL)

• Familiarity with additional Application Security tools (e.g. Interactive (IAST), Dynamic (DAST) and API security, SCA, etc.)

• Familiarity with API Security tools (e.g., NoName, Traceable, Salt, Cequence)

• Practical hands-on experience validating vulnerabilities and proficiency with Burp Suite

• Strong working knowledge of Secure Development Lifecycles and experience triaging and remediating technical vulnerabilities identified by web application scanning tools

  • Understanding of automated security testing approaches and tools
  • Experience in building and operating security tools within CI/CD pipelines
  • Experience with proactive integration of security into the development process

• Past experience as an application security practitioner or software engineer

Educational & Professional Credentials:

• Bachelor’s degree in a relevant discipline or equivalent experience
• 5-7 years of security engineering experience in the Information Security industry

We use Greenhouse Software as our applicant tracking system and Zoom Scheduler for HR screen request scheduling. At times, your email may block our communication with you. Please be sure to check your SPAM folder so that you don’t miss updates on your application.

Why GuidePoint? GuidePoint Security is a rapidly growing, profitable, privately-held value added reseller that focuses exclusively on Information Security. Since its inception in 2011, GuidePoint has grown to over 1,200 employees, established strategic partnerships with leading security vendors, and serves as a trusted advisor to more than 6,200 customers.

Firmly-defined core values drive all aspects of the business, which have been paramount to the company’s success and establishment of an enjoyable workplace atmosphere. At GuidePoint, your colleagues are knowledgeable, skilled, and experienced and will seek to collaborate and provide mentorship and guidance at every opportunity.

This is a unique and rare opportunity to grow your career along with one of the fastest growing companies in the nation.

Some added perks….

• Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions)
• Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans (spouse/children/family). If you choose the High Deductible / HSA plan, GPS will contribute in 4 equal quarterly installments: ($850 per EE annually / $1750 per family annually (includes spouse/children/family options)
• Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans
• 12 corporate holidays and a Flexible Time Off (FTO) program
• Healthy mobile phone and home internet allowance
• Eligibility for retirement plan after 2 months at open enrollment
• Pet Benefit Option

Come join the company that is reinventing cloud security and empowering businesses to thrive in the cloud.

Description

We are seeking a Technical GRC Analyst to support the day-to-day operation of our governance, risk, compliance, and security assurance processes within a growing EdTech SaaS environment.

This role will focus on administering established policies and workflows, coordinating compliance and security activities, handling requests from across the business, and performing risk assessments—particularly where personal data, information security, and GDPR considerations are involved.

You will play a key role in ensuring that our systems, processes, security tooling, and third-party relationships meet our security, compliance, and data protection standards.

Working closely with the IT & Information Security Manager and wider IT team, you will help maintain audit readiness, support operational security assurance activities, and coordinate remediation and evidence management across the organisation.

The role offers exposure across governance, operational security assurance, compliance, and risk management within a growing SaaS environment.

Key Responsibilities

• Administer and operate IT risk, compliance, and security assurance processes aligned to internal policies and regulatory requirements (including GDPR)

• Act as a central point of contact for compliance-related requests (e.g. Subject Access Requests (SARs), data sharing requests, access requests, exceptions, and supplier onboarding)

• Perform risk assessments using defined criteria, with a focus on data protection and information security risks

• Review requests against defined policies and controls, escalating where appropriate in line with internal governance processes

• Support third-party / supplier risk assessments, including reviewing security and data protection documentation and tracking follow-up actions

• Support periodic reviews of high-risk and business-critical suppliers, applications, and technology platforms to ensure appropriate security, compliance, and data protection controls remain in place

• Support the implementation and ongoing operation of compliance and assurance tooling (Vanta), including evidence collection, test management, stakeholder coordination, remediation tracking, and control adoption activities.

• Ensure appropriate documentation, audit trails, and evidence are maintained for assessments, compliance activities, and operational processes

• Support internal and external audits (e.g. ISO 27001), including evidence gathering, action tracking, and coordination of remediation activities

• Monitor compliance with policies and highlight potential risks, gaps, or control weaknesses for review

• Support coordination and operational delivery of security improvement initiatives across IT and business teams.

• Support incident management processes through documentation, tracking, and coordination of follow-up actions

• Coordinate security awareness activities, including phishing simulation campaigns and training tracking

• Assist with reviews of security tooling configurations and collection of supporting control evidence

• Work closely with engineering, product, and business teams to ensure compliance and security processes are understood and followed

• Contribute ideas and feedback to improve workflows and operational processes, particularly where they impact scalability, operational efficiency, or customer trust

Skills & Experience

Essential:

• Experience in IT risk, compliance, or GRC roles within a SaaS or technology environment

• Understanding of GDPR and handling of personal data (especially sensitive or child/student data)

• Experience performing risk assessments using structured frameworks and defined processes

• Ability to interpret policies and apply them to operational and real-world scenarios

• Strong organisational, coordination, and documentation skills (audit trails, evidence, decision logs)

• Experience working with cross-functional teams (e.g. engineering, product, operations)

• Experience supporting operational security assurance activities, such as evidence collection, control validation, remediation tracking, or audit preparation

Desirable:

• Familiarity with ISO 27001, Cyber Essentials, or similar frameworks

• Experience supporting audits, evidence collection, or remediation tracking activities

• Experience with vendor / third-party risk management

• Exposure to data protection processes (e.g. SARs, DPIAs, data sharing assessments)

• Exposure to data classification, data governance, or data loss prevention (DLP) processes

• Experience with GRC, compliance, or assurance platforms (e.g. Vanta, Drata) and ticketing/workflow management tools

• Exposure to Microsoft 365 security and compliance tooling (e.g. Entra ID, Intune, Secure Score, Defender)

• Basic understanding of cloud/SaaS architecture and common security controls

Key Behaviours:

• Pragmatic approach to risk, with the ability to balance compliance requirements with business needs

• Comfortable assessing requests against defined policies and escalating concerns where appropriate

• Confident communicating risks, issues, and follow-up actions to stakeholders

• Detail-oriented, with a strong focus on documentation, evidence quality, and traceability

• Organised and proactive, with the ability to manage multiple tasks and follow through on actions

• Able to operate independently within established processes and governance frameworks

• Collaborative approach to working with technical and non-technical teams

Bromcom is an equal opportunities employer.