Backend Security Engineer

About komoot

Komoot is an app that lets you find, plan, and share adventures. Driven by a desire to explore, and powered by the outdoor community’s recommendations, it’s Komoot’s mission to inspire great adventures making them accessible to all. And we’re good at what we do: Google and Apple have listed us as one of their Apps of the Year numerous times!

Today, with over 27 million users and 200,000 five-star reviews, Komoot is well on its way to becoming the most popular cycling and hiking app for people who love adventures worldwide.

Join our fully remote team and change the way people explore!

About the role

As komoot’s next Security Backend Engineer, you join a highly-motivated team of tech enthusiasts. We believe that simple and smart solutions are the solution to complex security challenges. Join us if you love building easy-to-use security foundations, infrastructure as code, and building resilient, self-healing micro-services.

Ready for your next adventure?

What you will do

• Take care of our security core-infrastructure: The oauth2 authentication api, rate-limiting, spam-protection, metrics and security logs.
• Build and extend microservices written in Java/Kotlin and deploy them on AWS.
• Contribute to project planning with your security and privacy feedback.
• Review security reports from our bug-bounty program and discuss fixes with the responsible development teams.
• Develop end-to-end backend / security solutions including: concept, road map planning, implementation, testing, deployment, and monitoring

Why you will love it

• You’ll work on a global product that inspires millions of users to enjoy the great outdoors
• Take over responsibility for core infrastructure already with your first project
• You join a newly formed team at komoot and will influence how security is “done right”
• We strive for honest security and enable our colleagues to do their best work.
• You’ll work together with enthusiastic engineers, hikers, and cyclists.
• We let you work from wherever you want, be it a beach, the mountains, your house, co-working location of your choice (covered by us), or anywhere else that lies in any time zone situated between UTC-1 and UTC+3
• You’ll travel with our team to amazing outdoor places several times a year (when safe) to exchange ideas, learnings and go for hikes and rides.

Requirements

You will be successful in this position if you

• Are highly self-driven, responsible and keen to learn and improve
• Have a deep understanding of https, oauth2, hmac, (a)symmetric encryption.
• Know about the most common web attacks and how to mitigate them
• Have 3+ years of professional experience in developing distributed and resilient backend APIs
• Have 3+ years of professional experience with Kotlin or Java
• You have been responsible for configuring and running applications in production on AWS, Google Cloud, Microsoft Azure or Kubernetes
• Have experience with Infrastructure as Code, continuous integration & deployment and monitoring
• Enjoy paying attention to details and care about solid solutions
• Are a great communicator in a diverse team

Benefits

Some of our Perks

• 38 days of vacation (incl. public holidays)
• Dedicated time and budget to spend on your professional development: classes, conferences, books – you decide!
• Discounts from leading outdoor and cycling brands
• Flexible working hours and ability to work from anywhere in Europe
• Three whole-company gatherings per year in beautiful locations
• Optional “togetherness” trips with your team
• Costs covered for your co-working space membership or your work from home office
• The latest devices and equipment to do your best work

Curious to find out more about our recruitment process?

• Find out more info here: https://www.komoot.com/jobs-process
• At komoot we want to make great adventures accessible to everyone. We support diversity and inclusivity within the outdoors and welcome all prospective applicants.
• We have a rolling recruitment process. If this role is online it means it’s still open. We’re accepting applications and actively looking for the perfect candidate. Is it you?