Devsecops Engineer H/F Yubo

Who we are

Yubo is the Social Discovery app to make new friends and hang out online. By eliminating likes and follows, we empower our users to create genuine connections and show up as their true selves.

We've pioneered a new way for Gen Z to socialize online, and with millions of active users, our goal is to redefine how we connect today and tomorrow.

Our team is international, multicultural and deeply committed to its mission. As the leading platform to socialize online, we have a special responsibility to build a safe digital space for our community. Safety is embedded in our DNA, and our proactive approach focuses on user protection, support, and education. We also work closely with the broader technology industry to share our knowledge and NGOs create industry-leading child protection standards.

Join us in this exciting journey and help us shape the future of social interactions!

About this role

As a Confirmed DevSecOps Engineer within our Platform Engineering team, you will report to the Head of Platform Engineering and work closely with our Security Lead. Your mission is straightforward: make security part of how we build.

This role is not about manually auditing code all day, it is about industrializing security practices across the organization. You will integrate security directly into CI/CD pipelines, repositories, and developer tooling so that secure by default becomes the norm.

We are looking for someone who believes that the best security processes are the ones developers barely notice because they simply work. You will focus on automation, enablement, and reducing risk at scale, while ensuring production resilience continues to improve.

If you enjoy turning complex security requirements into practical, scalable systems that engineers actually adopt, you will feel at home here.

Your responsibilities

- Own and improve our code security tooling and automation, including SAST, SCA, and secret detection tools
- Enforce and evolve our DAST stack and contribute to preparing Red Team processes
- Integrate security checks and gates directly into CI/CD pipelines (partner with DevOps)
- Reduce false positives and improve the overall quality of vulnerability signals, ensuring positive developer feedbacks
- Investigate alerts from multiple sources including bug bounty, SIEM, and EDR
- Support IAM related operational needs
- Contribute to the investigation and remediation of code related vulnerabilities
- Collaborate closely with Backend Engineers to drive adoption of secure practices

Tools we use:

- Wiz
- SentinelOne
- Cloudflare
- GCP
- Datadog
- Grafana
- GitHub
- Google Workspace
- YesWeHack

Who you are

- You have solid experience in AppSec, DevSecOps or Pentester roles
- You have hands on experience integrating SAST, SCA, DAST, and secret scanning into CI/CD pipelines
- You understand containerized environments and modern CI/CD workflows
- You are comfortable with cloud environments, ideally GCP
- You have experience handling security alerts and participating in incident response
- You focus on automation and scalability rather than manual processes
- You value pragmatic solutions over theoretical perfection

Within a month, you will

- Get familiar with our platform architecture, CI/CD pipelines, and security stack
- Review existing code security tooling and current pain points
- Build relationships with Backend, DevOps, and Security stakeholders
- Investigate a few real alerts to understand our operational workflows
- Identify quick wins to improve signal quality or developer experience

Within 3 months, you will

- Audit and stabilize our existing code security tooling
- Reduce false positives and improve the quality of vulnerability reporting
- Implement or standardize security gates in CI/CD pipelines
- Contribute to at least one post mortem with actionable prevention measures
- Improve documentation around secure development practices

Within 6 months, you will

- Significantly reduce remediation lead time for critical vulnerabilities
- Automate recurring security workflows and reduce manual effort
- Ensure secure by default principles are embedded into our CI/CD standards
- Be recognized by engineering teams as a reliable and pragmatic security partner
- Contribute to a measurable improvement in production resilience and risk reduction

If you want to build security systems that scale with the product and genuinely support engineers rather than slow them down, we would be glad to meet you.

The recruitment process

- Phone screen with Nicolas, our Tech Recruiter
- Interview with Yohan, our Security Lead
- Technical test and debrief
- Cultural fit assessments

What we offer

- A highly competitive salary range as well as equity in the company
- A highly flexible remote work policy, 2 days at the office per month, with monthly team events.
- We also cover fees for external professional events and meetups (Android Makers, etc...)
- Great health insurance coverage for both you and your family by Alan, fully paid for by Yubo !
- Numerous benefits for parents: additional parental leave, easy access to nurseries and daycare facilities in France.

Our approach to privacy & safety

As part of your role, you may handle tools and features involving personal data. We expect all employees to demonstrate strong awareness of privacy and safety issues, and to actively support our Privacy & Safety by Design efforts.

Join Yubo and help shape the future of Social Discovery while enjoying a culture that values flexibility, well-being, and impact.

Here's how we live our mission every day:

You own the impact: Step up, adapt, and make it matter

Unconventionally Smart: Hack with intent, borrow smart, build better

Be Bold & Resilient: Raise your head, break barriers, keep moving forward

One team, one mission: No egos, no passengers, just shared wins

Trust & Flexibility: Our hybrid model calls for only two office days a month; the rest is up to the rhythm that works best for you.

Enjoy Top-notch Benefits

Culture is central at Yubo, hence the numerous benefits:

Cool Workplace: enjoy our amazing Parisian office and our many hybrid work options

Team Activities: participate in get-togethers, events, and team-building activities

Family-Friendly: we support parents with childcare options and family-friendly policies

Wellness Programs: benefit from comprehensive health insurance, wellness programs, sports classes, and mental well-being initiatives