Security Engineer
Remote, EU
Full Time Mid-level / Intermediate EUR 60K - 80K
ChartMogul
Building the most powerful Subscription Analytics Platform for the SaaS community.Job description
ChartMogul's Security Engineering is comprehensive and cross-functional. As the sole owner of this role, you will be responsible for enhancing the security of our applications and ensuring our SOC-2 compliance. You will collaborate with various teams to identify vulnerabilities, design and implement security product features, and maintain a robust application security posture. We especially want to hear from you if you are a software engineer focusing on application security.
As a Security Engineer, you will
-
Be the main point of contact, internally and externally, for all security-related requirements
-
Contribute to designing and implementing product features with security and privacy by design mindset
-
Conduct comprehensive security assessments on our family of codebases to identify and fix vulnerabilities and weaknesses
-
Facilitate and lead application security reviews and threat modeling, which includes code review and dynamic testing
-
Foster a security-conscious culture by providing security training and awareness programs across the company
-
Maintain infrastructure security at various levels, ranging from containers up to the perimeter
-
Own, manage, and update our Incident Response plan
-
Contribute to developing and maintaining SOC-2 controls, policies, and procedures
While this is a remote position, we are only able to consider candidates who are based in the EU.
Job requirements
What we’re looking for
-
Demonstrable previous experience of at least 2 years as an Application Security Engineer
-
Technical knowledge of techniques, standards, and state-of-the-art capabilities for authentication and authorization, applied cryptography, security vulnerabilities, and remediation
-
Working experience with at least one programming language, preferably Ruby (on Rails), Python or Javascript
-
Knowledge of cloud environment(s), preferably AWS
-
Proactive and independent, with a strong sense of urgency
-
Excellent written and verbal communication skills in English
-
Ability to collaborate effectively with cross-functional teams
-
Experience translating security concepts into language for application developers and non-technical audiences
Nice to have
- Bachelor's degree in Computer Science, Information Security, or related fields
-
Working experience in web application development
-
Experience with Docker and Kubernetes
-
Experience with Sysdig
What we offer
-
Competitive compensation and equity package
-
Annual performance and compensation review
-
Flexible hours with a healthy work-life balance
-
Paid holidays, paid sick leave, and parental leave
-
Adventures of a highly innovative, market-leading company, where you’ll experience having an incredibly impactful job
-
A team of kind and highly dedicated people who all have the same mission: helping SaaS companies succeed!
Application Process
-
Initial call with our tech recruiter
-
Security-related Technical interview
-
Hiring Manager + Team interview
-
Stakeholder interview with Legal Team
-
Final interview with VP of Engineering
-
Reference Checks
-
Offer
As a global, distributed workforce in over 20 countries, we know good ideas come from all over. Our different backgrounds, strengths, identities, and experiences make our product and company better. That's why we are committed to a diverse and inclusive workplace that fosters collaboration and innovation.
Tags: Application security AWS Cloud Compliance Computer Science Cryptography Docker Incident response JavaScript Kubernetes Privacy Python Ruby SaaS Security assessment SOC Vulnerabilities
Perks/benefits: Competitive pay Equity Flex hours Parental leave
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Analyste CERT / Incident Responder junior (H/F) jobs
- Open SOC Analyst jobs
- Open Senior Cybersecurity Engineer jobs
- Open Analyste CERT / Incident Responder senior (H/F) jobs
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open IT Security Analyst jobs
- Open Information Security Officer jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cyber Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Security Operations Engineer jobs
- Open Staff Product Security Engineer jobs
- Open Senior SOC Analyst jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Staff Information Security Engineer jobs
- Open o365 Security Architect jobs
- Open Infosec Risk Manager jobs
- Open Cybersecurity Consultant jobs
- Open Chief Information Security Officer jobs
- Open Fortinet Firewall Engineer jobs
- Open Cyber Security Architect jobs
- Open Ingénieur DevSecops H/F jobs
- Open Application security-related jobs
- Open Risk assessment-related jobs
- Open Network security-related jobs
- Open SaaS-related jobs
- Open Governance-related jobs
- Open Pentesting-related jobs
- Open Java-related jobs
- Open Analytics-related jobs
- Open ISO 27001-related jobs
- Open Clearance-related jobs
- Open Vulnerability management-related jobs
- Open CISM-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open APIs-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open Malware-related jobs
- Open Splunk-related jobs
- Open Kubernetes-related jobs
- Open CISA-related jobs
- Open DevSecOps-related jobs
- Open Terraform-related jobs
- Open IDS-related jobs
- Open GDPR-related jobs