Senior Offensive Security Engineer
Paris, France
MANGOPAY
Modular payment infrastructure for marketplaces and platforms. Select and connect the products you need to succeed.Company Description
MANGOPAY’s mission is to shape the future of exchanges!
We empower all marketplaces and platforms by providing them with powerful and flexible payment and regulatory solutions. Since 2013, we have accelerated the success of some of the biggest names in e-commerce, retail, and cutting-edge platforms like Vinted, Rakuten, Chrono24, La Redoute, Wallapop and 2,500 + more.
Our team of over 250 talents is spread across Europe, with main offices in Paris and Luxembourg. Marketplaces and fintechs are thriving and we are looking for outstanding profiles to tackle some of the most ambitious challenges in our field and contribute to our robust growth. We are proud of our diversity and are committed to employee well-being, inclusion and equal opportunity. Working at MANGOPAY means joining a dynamic, flexible and fast-growing organization.
We just raised €75 Million with Advent International, one of the most experienced private equity investors, to scale our vision globally. It’s time to join the adventure!
Job Description
As Mangopay is accelerating throughout its growth stage, we’re looking to onboard a senior ethical hacker with deep technical security knowledge base.
The candidate would have proven experience in a similar capacity, though not necessarily in the same industry. They would have to feel comfortable in a cross-functional environment, dynamic and complex.
An individual security expert with a passion for breaking code, exploiting vulnerabilities and hacking stuff.
Key Responsibilities
As an offensive security engineer, you will:
- Operate on offensive security “Red Team” campaigns of our products, systems and processes to improve our ability to protect, detect and respond to adversaries and protect our customers
- Effectively collaborate in a fast-paced environment with multiple teams in the Tech organization (rest of the Cybersecurity team, Software Engineering, QA, Project/Release Management, etc.).
Qualifications
- 5-7 years of experience in multiple security engineering disciplines (e.g., red teaming, penetration testing, security operations, application security, secure software or system design). With strong offensive security experience (application penetration testing, network penetration testing, bug bounty),
- Technical security background (netsec, cryptography, authentication and security protocols)
- Deep understanding of security vulnerabilities and mitigation
- Knowledge of AWS Cloud Security principles
- Deep knowledge of at least one scripting language (Python, Perl, Ruby, etc.)
- Experience in automation via scripting and configuration management tools (Puppet, Ansible, or others)
- Security testing tools including Cobalt Strike, C2 infrastructure, Nmap, Burp Suite, Wireshark, Qualys or Tenable, john the ripper, Metasploit, Acunetix, Snort, Intruder, Kali…)
- Experience in communicating with users, other technical teams, and management to collect requirements, describe software product features, and technical designs
- Experience in CTF competitions, bug bounty rewards, active in cybercommunity (RSA, blackhat, …)
- Results oriented, high energy, self-motivated
- Certifications such as OSCP, OSCE, OSWE, SANS / GIAC or Malware reverse engineering (SANS FOR610 or GPEN) is a plus
- Published CVEs and security articles is an added advantage.
Additional Information
- HR Call
- Technical interview with our VP Information Security
- Interview with the IT Ops team
Tags: Ansible Application security Automation AWS Burp Suite Cloud Cobalt Strike Cryptography CTF E-commerce GIAC GPEN Kali Malware Metasploit Nmap Offensive security OSCE OSCP OSWE Pentesting Perl Puppet Python Qualys Red team Reverse engineering RSA Ruby SANS Scripting Snort Vulnerabilities
Perks/benefits: Flex hours Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open ISO 27001-related jobs
- Open Clearance-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open DevOps-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open CI/CD-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs