Senior Security Engineer - Application Security

Join Swile as a Senior Security Engineer - Application Security

Swile is on a mission to create a more fulfilling world of work by making people smile. We are looking for a passionate and skilled Senior Security Engineer to join our Security Team and help us secure our cloud environments and drive innovation in our secure architecture.

Key Responsibilities

• Identify & Protect: Work on our application security and threat modeling approaches, including audits, static and dynamic code analysis, and penetration testing. Collaborate with our DevOps, Software Engineers, and Engineering Managers to continually improve our application security strategies and priorities to protect our customers and employees.
• Vulnerability Remediation: Handle end-to-end vulnerability remediation, from detection to fix, working with all relevant stakeholders. Commit patches to identified vulnerabilities to fix the existing code when needed.
• Security Architecture: Work with engineering teams during the design phase of new products and features, conducting threat modeling, security architecture, and code reviews.
• Emerging Threats: Keep watch on emerging vulnerabilities and threats together with our SOC, Risk team, and Compliance department.
• Penetration Testing: Perform and/or coordinate penetration testing campaigns and security assessments on the entirety of our codebase and infrastructure.
• Bug Bounty Program: Build our bug bounty program, check submissions, confirm vulnerabilities, and decide on corrective measures.

Detect & Respond

• Lead and support incident response activities related to application security incidents.
• Develop an active defense by creating and integrating security tools/solutions to automate and enhance detection and remediation.

Continuously Improve Our Security Culture

• Undertake Red Team missions to enhance our security culture and train our staff (technical and non-technical).
• Maintain a high-security culture within the company. Organize and lead internal and external conferences and workshops.

Ideal Candidate

• Software Engineering Background: Strong foundation in software development with a seamless transition into security.
• Offensive Security Expertise: Proficient in using offensive security tools and techniques to uncover vulnerabilities.
• Analytical Mindset: Ability to think like an attacker and preemptively identify potential security threats.
• Communication Skills: Excellent ability to communicate complex security issues to non-technical stakeholders.

Tech Stack

• Backend & Frontend: Ruby/Rails, Typescript/React/Node.js
• Mobile: Android (Kotlin), iOS (Swift)
• Infra: AWS/Kubernetes, PostgreSQL, Kafka, Snowflake
• Offensive Security: Burp Suite, Metasploit, Nmap
• Programming Languages: Python, Bash, Go, Ruby, JavaScript

What’s in it for you?

• Vibrant Work Environment: Work in the heart of Paris in a supportive and inclusive team.
• Flexible Work Arrangements: Enjoy up to 3 days of remote work each week.
• Continuous Learning: Opportunities for professional development, access to industry-leading security conferences, and the latest security tools and resources.
• Competitive Benefits: Competitive salary, comprehensive health benefits, wellness programs, and unique team-building retreats.
• Impactful Work: Be part of a mission-driven company dedicated to transforming the workplace experience for millions.

Hiring Process

1. Meet with one of our Tech Recruiters (30 to 45 minutes)
2. Interview with your future Manager (1h) to talk Cybersecurity and project yourself onto the job
3. Technical deep dives in Security and Infrastructure (2 x 1h)
4. Interview with our Tech Leaders (2 x 30min)

If you are passionate about security and innovation, and you want to make a real impact, we would love to hear from you!