Senior Security Engineer - Application Security (F/M/N)

Paris, France


Swile, la carte et l’app au service de l'engagement des employés. Découvrez la carte la plus puissante jamais imaginée pour eux.

View all jobs at Swile

Apply now Apply later

At Swile, we believe that good products can help reduce friction in daily professional life and boost employee satisfaction. Today, we provide innovative solutions in various areas such as Fintech, Travel, HR, and Employee Benefits to more than 5.5 million users in 85,000 companies in France and Brazil.
Your role as a DevSecOps Engineer centers around proactively setting up new tools and processes to ensure the security of our codebase, and creatively solving problems, ensuring a balance between speed, pragmatism and excellence together with the rest of the Tech team.

🦾 Key responsibilities

  • 🔐 Join Swile's Security Team! 🔐
  • Are you passionate about securing cloud environments and driving innovation? Swile is searching for a skilled DevSecOps Engineer to bolster our team and contribute to our secure architecture.
    Here's a snapshot of what you'll be doing:
  • Identify & Protect
  • Work on our application security and threat modeling approaches, including audits, static and dynamic code analysis and pentesting.
  • Collaborate with our DevOps, Software Engineers, and Engineering Managers to continually improve our application security strategies and priorities to protect our customers, and employees.
  •  End-to-end handling of vulnerability remediation, from detection to fix, working with all relevant stakeholders along the way.
  • Commit patches to identified vulnerabilities to fix the existing code when needed. Work with engineering teams during the design phase of new products and features, conducting threat modeling, security architecture, and code reviews.
  •  Keep watch on emerging vulnerabilities and threats together with our SOC, Risk team and Compliance department.
  •  Perform and / or coordinate penetration testing campaigns and security assessments on the entirety of our codebase and infrastructure.
  •  Build our bug bounty program. Check submissions, confirm vulnerabilities, and decide on corrective measures.

  • Detect & Respond
  •  Lead and support incident response activities related to application security incidents.
  •  Develop an active defense: you will be creating and integrating security tools/solutions to automate and enhance detection and remediation.

  • Continuously improve our Security culture
  •  Undertake Red Team missions to enhance our security culture and train our staff (technical and non-technical).
  •  Maintain a high-security culture within the company. Organize and lead internal and external conferences and workshops.

✨It will be a perfect match if you have

  • Software Engineering Background: You have a strong foundation in software development and have seamlessly transitioned into the world of security.
  • Offensive Security Expertise: Proficient in using offensive security tools and techniques to uncover vulnerabilities.
  • Analytical Mindset: Ability to think like an attacker and preemptively identify potential security threats.
  • Communication Skills: Excellent ability to communicate complex security issues to non-technical stakeholders.
  • If you are a future responsible Swiler: you share our commitment to the environment, diversity, fairness and inclusion and are prepared to work every day to improve individual and collective performance.

📓 One thing worth to be mentioned

  • We welcome individuals with entrepreneurial backgrounds as well as those from established organizations. At Swile, we believe that delivering impactful products requires engineers to understand the needs of users and clients as well as the code itself.

⚒️ Our tech stack

  • Backend & Frontend: Ruby/Rails, Typescript/React/Node.js,
  • Mobile: Android (Kotlin), iOS(Swift),
  • Infra: AWS/Kubernetes, PostgreSQL, Kafka, Snowflake
  • Offensive Security: Burp Suite, Metasploit, Nmap
  • Programming Languages: Python, Bash, Go, Ruby, JavaScript

💡What’s in it for you ?

  • Vibrant Work Environment: Work in the heart of Paris in a supportive and inclusive team.
  • Flexible Work Arrangements: Enjoy up to 3 days of remote work each week.
  • Continuous Learning: Opportunities for professional development, access to industry-leading security conferences, and the latest security tools and resources.
  • Competitive Benefits: Competitive salary, comprehensive health benefits, wellness programs, and unique team-building retreats.
  • Impactful Work: Be part of a mission-driven company dedicated to transforming the workplace experience for millions.

🔥 Our hiring process

  • Meet with one our our Tech Recruiters (30 to 45 minutes)
  • Interview with your future Manager (1h) to talk Cybersecurity and project yourself onto the job
  • Technical deep dives in Security and Infrastructure (2 x 1h)
  • Interview with our Tech Leaders (2 x 30min)
Apply now Apply later
  • Share this job via
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  6  2  0

Tags: Android Application security Audits AWS Bash Burp Suite Cloud Code analysis Compliance DevOps DevSecOps FinTech Incident response iOS JavaScript Kafka Kotlin Kubernetes Metasploit Nmap Node.js Offensive security Pentesting PostgreSQL Python Red team Ruby Security assessment Snowflake SOC TypeScript Vulnerabilities

Perks/benefits: Career development Competitive pay Conferences Flex hours Health care Team events Wellness

Region: Europe
Country: France

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.