Skip to content
SecRoles

Security Analyst

ProtonParis, France · Remote (France)June 29, 2026
Remote
Full-time
SOC
Mid · 3–4 yrs

About Proton

Join Proton and build a better internet where privacy is the default

Proton was founded in 2014 by scientists from CERN on a simple truth: privacy is a fundamental human right. Since then, we’ve built the world’s largest encrypted email service (Proton Mail) and expanded into Proton VPN, Proton Drive, Proton Pass, and Proton Calendar—tools used by millions globally to protect their freedom, fight censorship, and keep their data safe. In some situations, Proton has literally helped save lives!

We are profitable, independent (no VC control), and selectively hire from the top ~1% of applicants. Our 700+ team members across 50+ countries come from leading organizations and elite academic backgrounds. We move fast, keep hierarchy light, and prioritize impact over optics. If you want to do meaningful work with exceptionally high-caliber people, this is it. Join us and do work you can truly be proud of. Check our open-source projects here!

Role Overview

The Security Analyst will be at the frontline of protecting Proton’s global infrastructure. This role combines analytical threat investigation with practical security engineering, taking a role in running, tuning, and evolving our detection capabilities.

You will bridge the gap between day-to-day security monitoring and proactive threat defense. Sitting within our security team, you will not only respond to alerts and manage incidents but actively design the rules, playbooks, and systems that catch attackers before they succeed. We value deep logical reasoning, data-driven intuition, and strong cross-functional communication.

What you will do:

Threat Detection & SIEM Engineering

  • Maintain, optimize, and enhance our core security monitoring toolkit (SIEM, sensors, etc.).
  • Design, build, and continuously refine meaningful alerts, transforming raw infrastructure events into high-fidelity detections.
  • Proactively identify malicious activities or blind spots within our network and infrastructure that our current toolsets might not cover.

Incident Response & Monitoring

  • Monitor, triage, and deeply investigate security alerts covering all of Proton’s corporate infrastructure.
  • Own the containment and mitigation of potential security incidents, orchestrating quick and effective response actions.
  • Develop, document, and test rigorous incident response plans and actionable playbooks to streamline future workflows.

Risk Mitigation & System Security

  • Analyze complex logs, endpoints, and network traffic to isolate anomalies, extract patterns, and identify emerging risks.
  • Collaborate with engineering teams to deploy and maintain secure architectures, applying server and system security best practices (e.g., OS hardening, strict access controls).
  • Contribute to continuous posture improvement by feeding operational findings back into security tooling and roadmaps.

Governance

  • Support, advise, and guide the wider company on all security-related matters and emerging risks.
  • Participate in business process documentation, operational metric reporting, and the strategic automation of security tasks.
  • Promote a culture of strong IT security awareness and responsible user behavior across our distributed teams.

Job requirements

  • Good logical reasoning, structure, and problem-solving skills. The ability to correlate diverse data sources, extract hidden patterns from massive volumes of data, and think like an attacker.
  • Solid understanding of system and network security best practices, including network ACLs, authentication mechanisms, and endpoint defense configurations.
  • Strong working knowledge of Linux-based operating systems, their architectural security components, system calls, and mechanisms like SELinux.
  • Familiarity with modern malware techniques, attacker tactics (TTPs), and how to translate this threat intelligence directly into actionable SIEM rulesets.
  • Sound understanding of networking protocols, web technologies, and detection mechanics (eg. EDR, IDS/IPS).
  • Intermediate-to-advanced proficiency in Python (or similar languages) for scripting, parsing, and automation tasks.
  • Excellent written and spoken English, paired with strong communication and organizational skills to collaborate smoothly across different teams.
  • A deep belief in digital privacy.

Preferred qualifications

  • Proven experience (ideally 3-4 years) in a cybersecurity or operations context.
  • Hands-on experience working with Elastic stack, Vector, or other tools used in large-scale log analysis.
  • Experience utilizing data analysis tools (such as Jupyter, Pandas) to hunt for anomalies.
  • Practical knowledge of securing and analyzing containerized workloads (Docker, Kubernetes) and Cloud infrastructure environments.
  • Experience in leveraging and integrating Threat Intelligence into security workflows.
  • An industry-recognized security certification is considered a strong asset.

Success in This Role

  • The SIEM environment is highly tuned, resulting in a demonstrable reduction in false positives and a significant increase in high-value, actionable alerts.
  • Security incidents are quickly contained, thoroughly investigated, and translated into resilient long-term containment strategies and playbooks.
  • Threat detection coverage expands smoothly to secure new infrastructure, products, and cloud microservices.

What We Offer

  • Work that Matters: millions of people trust Proton with their privacy. We answer only to our users — not advertisers, not investors with conflicting agendas, not governments. The work you do here is real, and the impact is measurable. (read more about our impact here)

  • Stock Options: at Proton, we all have the opportunity to be owners of the company. From day one, you have a real stake in what we're building. When Proton wins, you win.

  • Technology: you'll get the right hardware and the right software you need to do your best work.

  • Learning & Development: we invest in your growth because sharp people make us better. Proton is one of the fastest ways to accelerate your career because you'll be thrown into real challenges, with real ownership, from day one.

  • Employee Benefits: your wellbeing isn't an afterthought. We offer strong health coverage, solid retirement options, generous leave, and wellness support so you can bring your best self to work every day

  • In-Person Collaboration: Amazing things happen when passionate, smart, and purposeful people get together in the same room. With offices across Geneva, Zürich, Barcelona, London and more, you'll spend most of your time collaborating face-to-face with people who genuinely care about what they're building

  • Food: Lunch and snacks are on us every day in our offices so you can focus on the work and not on what's for lunch.

  • Transport: getting to the office shouldn't cost you. We cover public transport, bike allowances, or parking, whichever works for you.

  • Flexible Working: you own your schedule. Set hours that work for you and your team — because outcomes matter more than when the clock says you started.

Our Commitment to Diversity and Inclusion

At Proton, we believe diversity drives innovation and strengthens our mission to provide privacy as a default for all. We are committed to fostering an inclusive environment where all individuals, regardless of race, ethnicity, gender, age, sexual orientation, physical ability, or socio-economic background, feel valued and empowered. We strive to create equal opportunities, promote open dialogue, and support continuous learning to ensure every voice is heard and respected.

If you need any extra support or reasonable adjustments during the hiring process, please let your talent partner know.

Candidate Privacy Notice

When you apply for a position, refer a candidate, or are considered for a role at Proton Technologies AG (Proton, we, us, or our), your information is stored in Greenhouse, in accordance with their Service Privacy Policy. This information is used to evaluate your suitability for the posted position. We also retain this information for consideration for future roles that you may apply for or that we believe may align with your background and skills.

If we no longer have a legitimate business need to process your information, we will either delete or anonymize it. Should you have any inquiries about how we use or manage your information, or if you wish to access, correct, or delete your data, please contact our privacy team at [email protected].

Proton does not accept unsolicited resumes from any sources other than directly from candidates. We will not pay a fee for any placement resulting from an unsolicited offer, even if the candidate is subsequently hired by Proton.

To learn more about our privacy policy, please visit our privacy policy page. 

Compensation range
Paris:  38.000 - 62.000 gross annually*
Other locations: Compensation will be discussed during the interview process_
*Final compensation will be determined based on the candidate's qualifications, skills, and previous experience_

#LI-Onsite

Job Details

Salary

€38,000 – €62,000/yr (fr)

Experience

Mid · 3–4 yrs

Tools & Tech

Docker
Elasticsearch
Kubernetes
Python
Apply