Artificial Intelligence. Actual Impact.
At Docebo, we’re using AI to change how people learn at work—and we mean actually change it. We’re an AI-powered learning platform that helps organizations create, deliver, and manage training all in one place. But our real mission goes deeper: we help teams move faster, work smarter, and focus on the work that truly matters. Our platform is built with intelligent, time-saving tools that personalize learning, eliminate busywork, and turn training from a checkbox into a superpower. The result? Better experiences for learners and real results for businesses.
We’re shaping the future of learning with a team that isn’t afraid to challenge the status quo. If you're excited by the idea of using AI to make work-life better for real people–you’ll feel right at home here. And it’s not just what we build, it’s how we show up. At Docebo, our values aren’t just posters on the wall—they guide how we work every day. We call it the Docebo Heart: trust by default, assume positive intent, and create space for different perspectives to thrive.
So… what are you waiting for? Join 900+ Docebians around the world and help us reinvent the way people learn, because learning never stops.
The Senior Security Engineer will play a central role in securing Docebo's cloud infrastructure, with a primary focus on AWS environments. Working closely with Cloud Infrastructure & Operations, Engineering, and other security teams, this role is responsible for designing, implementing, and continuously improving cloud security controls across all layers of the stack — from infrastructure provisioning and container orchestration to runtime detection and compliance enforcement. This is a hands-on, high-ownership role for someone who thinks in terms of risk and moves quickly to reduce it. The role also includes participation in an on-call rotation for security incidents affecting Docebo systems.
Cloud Security Architecture & Hardening: Own the security posture of Docebo's AWS environments. Define and enforce secure account structures, service control policies (SCPs), guardrails, and baseline configurations across multi-account setups. Evaluate and improve network segmentation, IAM boundaries, and data protection controls. Identify and remediate misconfigurations using CSPM tooling and manual review.
Infrastructure as Code Security: Partner with Cloud Infrastructure to integrate security controls into IaC workflows. Define guardrails to catch insecure configurations before deployment. Own security scanning in CI/CD pipelines and promote a shift-left approach to cloud security across engineering teams.
Incident Response & On-Call: Participate in the on-call rotation for security incidents, including triage, containment, and escalation for after-hours events. Lead investigation and root cause analysis for cloud security incidents with clear written post-mortems. Leverage automation and AI tooling to reduce mean time to detect and respond.
Cloud Detection & Threat Monitoring: Build and maintain detection coverage for cloud-native threats (privilege escalation, unusual API activity, lateral movement, data exfiltration, and more). Leverage CloudTrail, GuardDuty, and SIEM integrations to maintain visibility across the AWS estate. Align detection logic with MITRE ATT&CK for Cloud.
Vulnerability & Configuration Management: Own vulnerability management for cloud workloads — prioritizing findings from cloud configuration assessments, and runtime protection tools. Drive remediation with Engineering and Infrastructure teams, and build automated enforcement where manual review doesn't scale.
Identity & Access Management: Define and enforce least-privilege principles across AWS IAM, service accounts, and federated identity. Review and improve IAM policies, permission boundaries, cross-account roles, and access patterns. Reduce standing access and enforce JIT access where appropriate.
Development of Security Best Practices: Develop and document best practices, policies, and procedures for cloud security. Provide guidance and training to engineering and infrastructure teams to promote a security-aware culture.
Vendor relationships: Maintain relationships with security vendors for technical issues, ensure smooth operations of security tools and services, and escalate problems or incidents to vendors when required.
You're a cloud security practitioner who operates with a builder's mindset. You understand AWS deeply — not just its security services, but how misconfigurations and design decisions create real risk. You're comfortable reading IaC, reviewing IAM policies, and diving into CloudTrail logs to reconstruct what happened. You know how to work with engineering and infrastructure teams as a partner, not a gatekeeper — and you can communicate risk clearly to stakeholders who don't live in the cloud console. You're comfortable being on-call and making decisions under pressure.
Additionally, holding security-related certifications such as those from ISC2, ISACA, SANS, or CompTIA, and having Cloud Architecture certifications (AWS Security Specialty, AWS Solutions Architect, or equivalent) will significantly enhance your effectiveness in this role.
5+ years of relevant work experience in cybersecurity, with a strong focus on cloud security in production AWS environments.
Deep hands-on experience with AWS security services: IAM, SCPs, CloudTrail, GuardDuty, Config, KMS, VPC security, and more.
Good knowledge of Kubernetes security — including RBAC, pod security standards, network policies, admission controllers, and secrets management.
Experience with cloud security posture management (CSPM) and cloud workload protection (CWPP/CNAPP) tools.
Experience securing IaC pipelines (Terraform, CloudFormation) and integrating security scanning into CI/CD workflows.
Good experience with container and image security — scanning, runtime protection, supply chain risk.
Experience with SIEM and detection engineering — building and tuning cloud-native detection rules, threat hunting across CloudTrail and application logs.
Familiarity with automation platforms and AI-driven security tools to streamline detection, enrichment, and response.
Experience with Infrastructure as Code (IaC) and scripting (Python, Bash, or similar) to develop custom security tooling and automate workflows.
Strong IAM fundamentals: least privilege, cross-account roles, permission boundaries, federated identity, and privileged access management.
Comfortable working across Azure/GCP in addition to AWS — multi-cloud exposure is a plus.
In-depth knowledge of information security principles and cybersecurity frameworks relevant to cloud environments: MITRE ATT&CK for Cloud, CIS Benchmarks, AWS Well-Architected Security Pillar, NIST CSF, SOC 2, ISO 27001.
Willingness and ability to participate in an on-call rotation, including after-hours response.
Ability to produce clear, comprehensive, and well-structured documentation (e.g. incident reports, architecture reviews, runbooks, and security standards) and to communicate complex technical issues effectively to non-technical stakeholders.
Great work can happen anywhere but coming together helps us go further. Our team spends three days a week in the office (Tuesday-Thursday) to collaborate, solve problems, and learn from each other. With flexibility the rest of the week, it’s a balance designed to help everyone do their best work and keep growing.
Our Total Rewards Philosophy centers around three core areas to reward and care for our People:
Rewarding Impact: We lead with competitive pay to reward the impact, skills and traits that fuel our success.
Fostering Holistic Wellbeing: We care deeply about and invest in the whole person with programs that support our people’s physical, mental, and financial well-being.
Empowering Our Talent Culture: We build a culture of trust and empowerment by designing our rewards and benefits with transparency, equity, and flexibility, enabling our people to do their best work and stay for the long haul.
Financial Wellness: Own a piece of Docebo through our Employee Share Purchase Plan (ESPP) at a 15% discount, plus a competitive compensation package.
Your Well-Being, Covered: You’ll get access to health benefits, so you can get the care you need when you need it.
Rest, Relax, Repeat: Rest and recharge with paid vacation days, two company-wide Docebo Days, floating holidays for cultural celebrations, and your birthday off!
Family First: We provide coverage offering you time with your little one(s) so you can soak up all those precious moments. Fun fact: we had 30 Docebian babies join the family in 2025!
Connections That Count: Connect with global communities through our Employee Resource Groups (including PRIDE, DWA, BIDOC, and Green Ambassadors) and company-wide events that keep the fun rolling all year long.
At Docebo, we create seamless, AI-powered learning experiences for over 3,000 customers worldwide. We have successfully achieved two IPOs (TSX: DCBO & NASDAQ: DCBO), been recognized as a top SaaS e-learning solution, and are growing exponentially in the process. We're a global company, with office across North America, EMEA, APAC, and beyond. Our team is guided by five core values—Grow Together Win Together, Build with Our Customer, Clear is Kind, Own Outcomes, Progress Over Perfection—that shape everything we do. If this resonates with you, now is the perfect time to join one of the fastest-growing learning technology companies in the world.
Docebo is an Equal Employment Opportunity employer. We are committed to diversity and inclusion in our workforce. All qualified applicants and employees will receive consideration for employment regardless of their race, colour, religion, sex (including pregnancy, gender identity, and sexual orientation), national origin, citizenship status, age, disability, genetic information, or any other category protected under applicable law.
As a federal contractor, Docebo is committed to the principles of affirmative action and equal employment opportunity for protected veterans and individuals with disabilities. Docebo does not discriminate because of protected veteran status or on the basis of disability, and Docebo takes affirmative action to employ and advance in employment qualified protected veterans and individuals with disabilities.
Any individuals requiring a reasonable accommodation or would like to voluntarily disclose a disability or protected veteran status to assist with their employment application should send an e-mail to [email protected]. The email should also include the position you’re interested in.