Application Security Engineer
Paris
Aircall
The cloud call center software trusted by teams everywhere. Set up a cloud-based call center and integrate with your CRM & Helpdesk software in minutes.Backed by over $220 million of investment since 2015, we create technology that fuels accessible, transparent and collaborative communication to empower our base of 12,000+ customers (and growing) to make authentic, human connections.
Conversation is a cornerstone of our culture. Wherever our people find themselves in the Aircall world – Paris, New York, Sydney, Madrid, London, Berlin, Tel Aviv, or at home – everyone has a voice that is valued.
Whatever your background, wherever you’re from – we want you to join the conversation. Let’s talk.
As an Application Security Engineer, you will be responsible for fostering and maintaining a good security posture on our infrastructure, application and processes to help other teams deliver customer value on top of Voice.
Security testing best practices, evangelization, and mentoring in your team and across the whole of Engineering will be part of your day to day job.
Quality, excellence, and agility drive our delivery processes and you will help us level these up. Using modern tools (Rails, TS, Terraform, ...) on AWS, we build added value and resilient services on top of voice and fully integrate with our customers’ business critical tools (CRM, Helpdesk, E-Commerce, …).
Your mission @Aircall:
- Driving improvements to Aircall’s security posture through strategic planning and collaboration with both development and infrastructure teams, with trust, autonomy and influence
- Ensuring the security testing across Engineering to ensure best practices are applied and a security first mindset, continues to be ever present within the organisation
- Having key security related responsibilities within automated test design, architecture, and end-to-end delivery of key modules
- Contributing code to our applications and services to address vulnerabilities and evolving our codebases toward secure coding practices
- Collaborating with Product and Engineering to balance security risk with product advancement
- Communicating risks to engineering staff and assisting leadership through consulting, training and technical demonstration of vulnerabilities and secure design patterns
- Sharing knowledge by giving brown bags, tech talks, and evangelizing appropriate tech and engineering best practices
- Contributing security-focused feedback to engineers during all phases of the development lifecycle
- Ensuring security bug tracking, bug bounty operation and scanner results triage
- Being involved in new features development to ensure security breaches are not introduced
- Being part of an engineering organization delivering high quality, secure, voice solutions to Aircall clients.
- Contributing to investigations of any actual or potential information security risks or breaches, and develop mitigating plans and coordinate the incident response
- Staying up to date on current and future security technology and trends and act as a key advisor to align business and security
A little bit more about you
- You have at least 2+ years of experience in Security
- You have a comprehensive understanding of risk management
- You have a good understanding of attack patterns to design and develop proper security testing. Being business centric minded is a necessity to pinpoint potential security breaches
- You understand the secure development process and other best practices and are accustomed to using systems such as Jira, Confluence, BitBucket, GitHub, GitPrime, etc.
- You have experience in identifying, debugging and solving complex security related production issues
- You are used to working in Agile teams and look for and implement continuous improvement, but you also appreciate good process and quality assurance in mitigating risk and improving quality and security
- Experience working with external security testing companies to deliver specific requirements, e.g. penetration testing and certifications
- You’re familiar with modern web security, and have experience with JS, TS and/or Ruby on Rails
- A practical understanding of data privacy / GDPR
Let’s grow together: Aircall is a place for those who dare to be bold and seek responsibility, excellence, and the opportunity to push themselves to new heights.
We’re creating a place where great people trust one another and thrive together.
People flourish at Aircall and now is the time to be part of the team and the journey we’re on.
Why join us?
🚀 Key moment to join Aircall in terms of growth and opportunities💆♀️ Our people matter, work-life balance is important at Aircall📚 Fast-learning environment, entrepreneurial and strong team spirit🌍 45+ Nationalities: cosmopolite & multi-cultural mindset💶 Competitive salary package & benefits
DE&I Statement: At Aircall, we believe diversity, equity and inclusion – irrespective of origins, identity, background and orientations – are core to our journey.
We pride ourselves on promoting active inclusion within our business to foster a strong sense of belonging for all. We’re working to create a place filled with diverse people who can enrich and learn from one another. We’re committed to ensuring that everyone not only has a seat at the table but is valued and respected at it by providing equal opportunities to develop and thrive.
We will constantly challenge ourselves to make sure that we live up to our ambitions around diversity, equity and inclusion, and keep this conversation open. Above all else, we understand and acknowledge that we have work to do and much to learn.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Application security AWS Bitbucket E-commerce GDPR GitHub Incident response Jira Pentesting Privacy Risk management Ruby Terraform Vulnerabilities
Perks/benefits: Career development Competitive pay Equity
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Specialist jobs
- Open IT Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open CI/CD-related jobs