Senior Security Engineer

Paris
CDI
Temps-plein

Il y a 1 mois
Postuler facilement

Join the Future of Work ! Malt is Europe's leading freelance marketplace, connecting over 700,000 talented freelancers with 70,000+ companies. Founded in 2013, we're transforming how work gets done through our tech-powered, human-centered platform. What makes us different:- A diverse team of 600 Malters across 6 European countries- A culture that champions equality (50% of our Comex are women) and inclusive growth- Backed by top investors including ISAI, Serena Capital, Eurazeo Growth, Goldman Sachs, and BPI- A mission to give everyone the freedom to work differentlyReady to help shape the future of work? Your next chapter starts here! 🪐Explore your future career 🔭Malt is growing rapidly. In order to achieve our ambitious goals, we are offering you the opportunity to join Malt as a Security Engineer.The Security squad plays a crucial role within the product team dedicated to ensuring the security of our freelancers and clients. Additionally, the squad collaborates with IT at the company level to ensure to provide all departments with the necessary tools for secure and efficient work. Considering the evolving security landscape and potential threats, the squad extends to face these challenges.Key responsibilities ✨

Engage in vulnerability management activities: reduce the vulnerability backlog, industrialize SCA/SAST & DAST, maintain and improve the bug bounty program, organize internal pentests, and ensure 100% of developers are trained in secure coding practices.
Strengthen corporate & product security by developing and maintaining the alerting system on the SIEM, and responding efficiently to security alerts.
Engage in incident response activities, which involve identifying incidents through a monitoring plan (including rule detection and associated dashboards), assessing their existence and their severity, and finally efficiently resolving them.
Enhance platform security by designing and implementing solutions to proactively mitigate cybersecurity risks and detect any unfair usage of the platform.
Support, advise and make autonomous the engineering teams in the implementation of security best practices.

You will also participate in improving the security excellence of the development team, spread the security best practices at Malt, participate in our communities of practices (SRE, security, back-end, and front-end in particular), and increase your knowledge thanks to an active watch in the field of security and software.You will participate in the animation of our security community of practice gathering members of all squads: software, cloud, and data engineers experienced and passionate about software security.At Malt, we believe that curiosity is an asset. The whole squad participates in the product architecture, all decisions are collegial, and we regularly engage in discussions on the best way to do things.Our Tech Stack

Frontend: TypeScript, Vue.js, Nuxt, Internal Design System, Stencil.js
Backend: Kotlin, Java Spring Boot, Gradle, PostgreSQL, MongoDB, Elasticsearch, RabbitMQ, Redis
Platform: Google Cloud Platform, Kubernetes, Terraform, ArgoCD, Gitlab CI
Mobile: Swift, KotlinData: Big Query, Looker, Spark, Python
We practice continuous integration and delivery, we update Malt around 70 times per week in production. We intensively use Datadog for production monitoring and alerting.

About you 🧑‍🚀

Minimum 4 years of experience in software security in an engineering team
Strong understanding of web application security risks, particularly OWASP, and successfully implement solutions to address these risks in previous roles.
Comfortable with modern web applications (Single page applications, REST, Cloud infrastructure, emails) and have some notions of Object-Oriented programming (such as Java or Python), Web programming languages (JavaScript and/or Typescript).
Proficient in at least one Cloud platform, preferably GCP, and have experience with Kubernetes.
Master the security of web applications, including familiarity with technologies like WAF, IDS/IPS, RASP, etc.
Practical experience with at least one security events detection tool (SIEM or similar).

You are versatile, autonomous, proactive, and demanding, you like to search for security flaws in software. You may have already participated in bug bounty programs yourself!We would love to meet you!How to join the mission? 🚀

Screening with

, our Tech Talent Acquisition Manager, to better understand your background, aspirations and answer your questions (45 minutes) * Interview with
, our Head of Security, to discuss your experience and the role in more detail (60 minutes) * Technical Interview with the Security squad (90 minutes)

Final interview with a C-Level to discuss Malt's long term vision

At Malt, we are committed to fostering an inclusive and diverse workplace. We recruit based on skills, experience, and potential, without any form of discrimination related to age, gender, sexual orientation, ethnicity, religion, or disability. Our mission is to create a work environment where everyone feels valued, respected, and safe to thrive.

Malt