Security Engineer

Paris

⚠️ We'll shut down after Aug 1st - try foo🦍 for all jobs in tech ⚠️

Apply now Apply later

🪐 Discover our galaxy
Join the Future of Work ! Malt is Europe's leading freelance marketplace, connecting over 700,000 talented freelancers with 70,000+ companies. Founded in 2013, we're transforming how work gets done through our tech-powered, human-centered platform. What makes us different:
- A diverse team of 600 Malters across 6 European countries- A culture that champions equality (50% of our Comex are women) and inclusive growth- Backed by top investors including ISAI, Serena Capital, Eurazeo Growth, Goldman Sachs, and BPI- A mission to give everyone the freedom to work differently
Ready to help shape the future of work? Your next chapter starts here! 🪐
Explore your future career  🔭
Malt is growing rapidly. In order to achieve our ambitious goals, we are offering you the opportunity to join Malt as a Security Engineer.
The Security squad plays a crucial role within the product team dedicated to ensuring the security of our freelancers and clients. Additionally, the squad collaborates with IT at the company level to ensure to provide all departments with the necessary tools for secure and efficient work. Considering the evolving security landscape and potential threats, the squad extends to face these challenges.

Key responsibilities ✨

  • Engage in vulnerability management activities: reduce the vulnerability backlog, industrialize SCA/SAST & DAST, maintain and improve the bug bounty program, organize internal pentests, and ensure 100% of developers are trained in secure coding practices.
  • Strengthen corporate & product security by developing and maintaining the alerting system on the SIEM, and responding efficiently to security alerts.
  • Engage in incident response activities, which involve identifying incidents through a monitoring plan (including rule detection and associated dashboards), assessing their existence and their severity, and finally efficiently resolving them.
  • Enhance platform security by designing and implementing solutions to proactively mitigate cybersecurity risks and detect any unfair usage of the platform.
  • Support, advise and make autonomous the engineering teams in the implementation of security best practices.

  • You will also participate in improving the security excellence of the development team, spread the security best practices at Malt, participate in our communities of practices (SRE, security, back-end, and front-end in particular), and increase your knowledge thanks to an active watch in the field of security and software.
    You will participate in the animation of our security community of practice gathering members of all squads: software, cloud, and data engineers experienced and passionate about software security.
    At Malt, we believe that curiosity is an asset. The whole squad participates in the product architecture, all decisions are collegial, and we regularly engage in discussions on the best way to do things.  

Our Tech Stack

  • Frontend: TypeScript, Vue.js, Nuxt, Internal Design System, Stencil.js
  • Backend: Kotlin, Java Spring Boot, Gradle, PostgreSQL, MongoDB, Elasticsearch, RabbitMQ, Redis
  • Platform: Google Cloud Platform, Kubernetes, Terraform, ArgoCD, Gitlab CI 
  • Mobile: Swift, KotlinData: Big Query, Looker, Spark, Python
  • We practice continuous integration and delivery, we update Malt around 70 times per week in production. We intensively use Datadog for production monitoring and alerting.

About you 🧑‍🚀

  • Minimum 4 years of experience in software security in an engineering team
  • Strong understanding of web application security risks, particularly OWASP, and successfully implement solutions to address these risks in previous roles.
  • Comfortable with modern web applications (Single page applications, REST, Cloud infrastructure, emails) and have some notions of Object-Oriented programming (such as Java or Python), Web programming languages (JavaScript and/or Typescript).
  • Proficient in at least one Cloud platform, preferably GCP, and have experience with Kubernetes.
  • Master the security of web applications, including familiarity with technologies like WAF, IDS/IPS, RASP, etc.
  • Practical experience with at least one security events detection tool (SIEM or similar). 

  • You are versatile, autonomous, proactive, and demanding, you like to search for security flaws in software. You may have already participated in bug bounty programs yourself!
    We would love to meet you!

How to join the mission? 🚀

  • Screening with Alex, our Tech Talent Acquisition Manager, to better understand your background, aspirations and answer your questions (45 minutes)
  • Interview with Irène, our Head of Security, to discuss your experience and the role in more detail (60 minutes)
  • Technical Interview with the Security squad (90 minutes)
  • Final interview with a C-Level to discuss Malt’s long term vision
At Malt, we are committed to fostering an inclusive and diverse workplace. We recruit based on skills, experience, and potential, without any form of discrimination related to age, gender, sexual orientation, ethnicity, religion, or disability. Our mission is to create a work environment where everyone feels valued, respected, and safe to thrive.
Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  1  0  0

Tags: Application security C Cloud DAST Elasticsearch GCP GitLab IDS Incident response IPS Java JavaScript Kotlin Kubernetes MongoDB Monitoring OWASP PostgreSQL Product security Python RabbitMQ Redis SAST SIEM Terraform TypeScript Vulnerability management

Perks/benefits: Career development Team events

Region: Europe
Country: France

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.