Careerbuilder ATS

Careerbuilder's Applicant Tracking System provides all the tools you need to attract quality talent and run internal recruitment processes – in one simple platform.
Post jobs to external sites quickly. Source candidates with semantic search.
Simplify application management with our easy workflow.
Measure your recruiting efforts with real-time reports.


  • Full career site with built in SEO and remarketing processes.
  • Job distribution tool by Broadbean connects to 7.000 jobsites globally.
  • One search tool that brings together all applicants,
  • Configurable workflow and hiring manager access.
  • Automated CRM.
  • Full data reporting module.


  • Increases the number of applicants through SEO and retargeting.
  • Fast distribution of jobs in various media and accurate tracking.
  • Allows searching of candidates, employee referrals and talent pool.
  • Allows communication of hiring team and customised candidate management.
  • Automation of repeating communication actions like rejections or invites.
  • Allows you to build custom reports on the fly.


£10800 per unit per year

Service documents


G-Cloud 11

Service ID

4 7 6 1 4 6 3 7 3 0 4 3 9 5 8



Alexandros Fourlis


Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints No.
System requirements
  • Latest internet browsers are optimal.
  • We do not guarantee support Internet Explorer 7 or older.

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Critical (P1) 1 Hour During Hours of Operation
High (P2) 4 Hours During Hours of Operation

Medium (P3) 8 Hours During Hours of Operation
Low (P4) 12 Hours During Hours of Operation
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels We provide each client with access to a client portal that allows them to place support tickets and monitor their progress directly with our technical support team. On call support is available during working hours through our Customer Service line. Premium clients that pay more than 18k on an annual basis have access to a Customer Success Manager during working hours for any type of question or request. SLAs are provided depending on the criticality of each issue and support cost are fully incorporated in license costs, there are no add-on support costs.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started We provide a Project Manager and complete implementation documentation and workbook, the whole implementation process is a step by step process that the Project Manager goes through with the client.
There are onlive learning sessions and training but we also provide as part of the implementation live remote training. Our Project Manager is responsible to stage calls and meetings with the client to progress, report and even stay with the client for 60 more days post implementation to make sure the client is fully opearational in using the service.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction We provide web services and full export options in XML format.
Its a contractual clause for us to offer the data in an easy to use format for the client to be able to use the data as he/she pleases after contract end.
End-of-contract process Full XML export and public APIs are available at no cost at the end of the contract. We have other easy to use capabilities to export data in CSV formats as well. We do not charge additional costs for export of data unless the client requires something completely out of scope.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service The recruiter management backend is not fully mobile optimised so there are specific elements of the applications that will appear in small letters or not in optimal design for a mobile device. All the front-end careersite features for applicants are fully mobile optimised.
Service interface No
What users can and can't do using the API Profilsoft web service is based on the REST model with additional details listed below, this can be used for client to get or feed our system with data around jobs, postings, candidate data or hiring data etc:
the web service uses exclusively the methods GET and POST :
- POST on a list: Adds a new element (exact implementation of the REST model)
- POST on a detail of an element: Modifies the element (the same as PUT)
- POST on a detail of an element with/ delete added to uri: Deletion *the same as DELETE)
Every request via the GET method in a “neutral” request (ie: causes no data modification).
We provide access to full API documentation online.
API documentation Yes
API documentation formats
  • Open API (also known as Swagger)
  • HTML
API sandbox or test environment Yes
Customisation available Yes
Description of customisation During the implementation process we ask the clients their preferences in customising and configuring a range of options, customers development teams can also use the APIs available to integrate and customise the service according ot their needs.
In our process we allow customers to customise multiple elements, some examples are:
1. Requisition approval process. Who and how approves openings before being posted.
2. Recruitment/Hiring manager workflow, Which stages are included and what path can a candidate take in each stage, automation of communication messages can be employed as well.
3. Onboarding can be customised using an integration with Sertifi. What needs to happen once a candidate is moved in the Hire stage.
4. All applications and job description fields can be customised. Like locations, job categories and hierarchy, stages etc.
5. Reports can be fully customised.
Many other elements as well.


Independence of resources The system is hosted in the cloud so all users are using the same services, we provide SLA guarantess within the contract and we use AWS services in order to do load balancing and be avle to scale resources to demand.


Service usage metrics Yes
Metrics types There is a full reporting suite with Real-time dashboards, regular reports and a full custom report building function that gives access to all the tables and data withing the application. Also our team during implementation or support can build reports for the client.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Staff screening not performed
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency At least every 6 months
Penetration testing approach Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach XML and CSV, XLS formats available.
Fully customised report module allows exporting of data.
Also APIs and webservices are available.
Data export formats
  • CSV
  • ODF
  • Other
Other data export formats XML
Data import formats
  • CSV
  • ODF
  • Other
Other data import formats XML

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability Available upon request. Variable according to selected product configuration.
Approach to resilience Available upon request.
Outage reporting Email alerts.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels Management and sales departments have no access to client systems, only customer support and technical support personell have clearly defined access rights that allow them to access clients systems and compliance training is offered on a yearly basis.
Access restriction testing frequency At least every 6 months
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach We align ourselves with ISO/IEC 27001 but we have not completed the audit process yet.
Information security policies and processes CareerBuilder has defined, approved,published, and communicated to teammates a set of information security policies designed to govern and direct business practices so that information security objectives are met through the organization’s business practices. These information security policies address business strategy, compliance with regulations, legislation and contracts, as well as the current and projected information security landscape. The full suite of information security policies include policies that cover the following:
• Organization of Information Security
• Human Resources Security
• CareerBuilder Asset and Data Management Security
• Acceptable Use of CareerBuilder assets and data
• Access Control for CareerBuilder assets and data
• Cryptography Standards for data management
• Physical and Environmental Security of CareerBuilder infrastructure
• CareerBuilder Operational Security
• Communication and Information Transfer Security
• Secure Development and System Acquisition Security
• Supplier and Vendor Relationship Security
• Information Security aspects of Business Continuity and Incident Response Management
• Information Security Compliance

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach CareerBuilder shall document and enforce formal change control procedures through change management policies defined by the relevant operating group or business unit to ensure the integrity of systems and applications throughout the entire development lifecycle. The introduction of new systems and major changes to existing systems shall follow the same process for documentation, specification, testing, quality control, and managed implementation. A Software Version Control Standard shall be implemented to standardize the above process. CareerBuilder should perform security functionality testing during software development.
Vulnerability management type Supplier-defined controls
Vulnerability management approach All CareerBuilder networked roduction systems must have a process for regularly reviewing and installing all newly released systems software patches, bug fixes, and upgrades. Technology owners in charge of every production information system at CareerBuilder must establish a time period approved by management for the non-­‐emergency periodic installation of patches, fixes, and upgrades to software. Vendor-­‐supplied software patches, fixes, and updates should not be installed on any CareerBuilder production system unless they have first been tested in a development environment. Systems Critical patches shall be tested and applied within 30 days.
Protective monitoring type Supplier-defined controls
Protective monitoring approach There are multiple audit processes internal and we also employ external monitoring. There is an incident response management plan that is activated once an incident is identified and an incident manager is appointed. Once criticality of issue is identified there are specific timed restrictios to follow up.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach There is a standard incident response plan and we have a Risk & Compliance Department team email, pager and hotline that allows us to report any incident. Incident reporting is provided internally and externally (e.g to ICO) if certain conditions are met.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No


Price £10800 per unit per year
Discount for educational organisations No
Free trial available No

Service documents

Return to top ↑