Senior Security Engineer - Application Security (F/M/N)
Paris, France
Swile
Swile, la carte et l’app au service de l'engagement des employés. Découvrez la carte la plus puissante jamais imaginée pour eux.Your role as a DevSecOps Engineer centers around proactively setting up new tools and processes to ensure the security of our codebase, and creatively solving problems, ensuring a balance between speed, pragmatism and excellence together with the rest of the Tech team.
🦾 Key responsibilities
- 🔐 Join Swile's Security Team! 🔐 Are you passionate about securing cloud environments and driving innovation? Swile is searching for a skilled DevSecOps Engineer to bolster our team and contribute to our secure architecture.
- Identify & Protect
- Work on our application security and threat modeling approaches, including audits, static and dynamic code analysis and pentesting.
- Collaborate with our DevOps, Software Engineers, and Engineering Managers to continually improve our application security strategies and priorities to protect our customers, and employees.
- End-to-end handling of vulnerability remediation, from detection to fix, working with all relevant stakeholders along the way.
- Commit patches to identified vulnerabilities to fix the existing code when needed. Work with engineering teams during the design phase of new products and features, conducting threat modeling, security architecture, and code reviews.
- Keep watch on emerging vulnerabilities and threats together with our SOC, Risk team and Compliance department.
- Perform and / or coordinate penetration testing campaigns and security assessments on the entirety of our codebase and infrastructure.
- Build our bug bounty program. Check submissions, confirm vulnerabilities, and decide on corrective measures.
- Detect & Respond
- Lead and support incident response activities related to application security incidents.
- Develop an active defense: you will be creating and integrating security tools/solutions to automate and enhance detection and remediation.
- Continuously improve our Security culture
- Undertake Red Team missions to enhance our security culture and train our staff (technical and non-technical).
- Maintain a high-security culture within the company. Organize and lead internal and external conferences and workshops.
Here's a snapshot of what you'll be doing:
✨It will be a perfect match if you have
- Software Engineering Background: You have a strong foundation in software development and have seamlessly transitioned into the world of security.
- Offensive Security Expertise: Proficient in using offensive security tools and techniques to uncover vulnerabilities.
- Analytical Mindset: Ability to think like an attacker and preemptively identify potential security threats.
- Communication Skills: Excellent ability to communicate complex security issues to non-technical stakeholders.
- If you are a future responsible Swiler: you share our commitment to the environment, diversity, fairness and inclusion and are prepared to work every day to improve individual and collective performance.
📓 One thing worth to be mentioned
- We welcome individuals with entrepreneurial backgrounds as well as those from established organizations. At Swile, we believe that delivering impactful products requires engineers to understand the needs of users and clients as well as the code itself.
⚒️ Our tech stack
- Backend & Frontend: Ruby/Rails, Typescript/React/Node.js,
- Mobile: Android (Kotlin), iOS(Swift),
- Infra: AWS/Kubernetes, PostgreSQL, Kafka, Snowflake
- Offensive Security: Burp Suite, Metasploit, Nmap
- Programming Languages: Python, Bash, Go, Ruby, JavaScript
💡What’s in it for you ?
- Vibrant Work Environment: Work in the heart of Paris in a supportive and inclusive team.
- Flexible Work Arrangements: Enjoy up to 3 days of remote work each week.
- Continuous Learning: Opportunities for professional development, access to industry-leading security conferences, and the latest security tools and resources.
- Competitive Benefits: Competitive salary, comprehensive health benefits, wellness programs, and unique team-building retreats.
- Impactful Work: Be part of a mission-driven company dedicated to transforming the workplace experience for millions.
🔥 Our hiring process
- Meet with one our our Tech Recruiters (30 to 45 minutes)
- Interview with your future Manager (1h) to talk Cybersecurity and project yourself onto the job
- Technical deep dives in Security and Infrastructure (2 x 1h)
- Interview with our Tech Leaders (2 x 30min)
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Android Application security Audits AWS Bash Burp Suite Cloud Code analysis Compliance DevOps DevSecOps FinTech Incident response iOS JavaScript Kafka Kotlin Kubernetes Metasploit Nmap Node.js Offensive security Pentesting PostgreSQL Python Red team Ruby Security assessment Snowflake SOC TypeScript Vulnerabilities
Perks/benefits: Career development Competitive pay Conferences Flex hours Health care Team events Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Cybersecurity Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Security Operations Engineer jobs
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Senior Product Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Analyst jobs
- Open Security Consultant jobs
- Open Security Operations Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Architect jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open Vulnerability management-related jobs
- Open DevOps-related jobs
- Open Malware-related jobs
- Open DoD-related jobs
- Open Security Clearance-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open Security assessment-related jobs
- Open EDR-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open SaaS-related jobs
- Open DevSecOps-related jobs