Application Security Engineer

il y a 4 semaines

Paris, France Pennylane Temps plein

Are you looking to have an impact on the daily life of millions of entrepreneurs in France and Europe?

Do you thrive in a trustful, fast-paced environment?

Do you feel like our Engineering principles are aligned with your vision ?

Then Pennylane might be the right place for you — and you, might be the perfect fit for this role

**Our vision**

We aim to become the most beloved financial Operating System of European SMEs.

We help business owners get rid of the time consuming hassle of handling accounting and finance, while giving them access to key information that they can use to make better decisions.

Meanwhile, we’re helping accountants. By using Pennylane, rather than doing manual and repetitive tasks, they can spend more time advising and guiding their clients.

**About us**

Pennylane is one of the fastest growing Fintechs in France (and soon to be in Europe)

In 4 years of existence, we’ve managed to:
Make ourselves known as a groundbreaking accounting and financial software for small businesses and their accountants

Raise a total of €84 millions, including from Sequoia, the famous fund from the Silicon Valley who invested early in companies like Google, Facebook, Airbnb, Stripe, Paypal and much more...

‍‍‍ Grow from 7 cofounders to 370+ happy Pennylaners : we’re now recognized as one of the greatest places to work in France (but also remotely), with a 5/5 rating on Glassdoor and an e-NPS of 94.

Build an international environment with more than 26 nationalities, with a strong remote-friendly culture, where 30% of the employees are already working from all parts of Europe

Earn the trust of thousands of customers and accounting firms and obtain outstanding ratings

**WHY this position is of utmost importance to reach our mission**

We are looking for an Application Security Engineer to join Louis and Romain in the technical security team. Reporting directly to Guillaume, our Head of Information Security, you will be responsible for all technical matters involving security issues. Working with the security compliance team, you may be required to provide technical support to the team in the definition and monitoring of long-term projects designed to strengthen the security of our assets in a sustainable manner. You will have a key role in advising, assisting, informing, training and alerting all employees (especially developers). You will also be responsible for the day-to-day management of technical operations in the context of ISO 27001 certification.

The technical security team is involved from the identification/detection of a security issue to its resolution (development and implementation of the security patches). If the needs or the complexity of the patch are too great, the security team can count on the support of the developers and in particular the Security Champions team to sustain the effort.

**Your tasks**

You will be required to work on:

- All technical security issues/projects while providing technical support on compliance needs

Let’s break it down
- Security by design within the projects by discussing with the teams to consider the security risks
- To be proactive in the security projects to be carried out, to define and to prioritize them
- Ensure compliance with ISO 27001 controls (processes) related to development (mandatory code practices, validation, patch management, vulnerability management, etc.) by training developers, monitoring projects (tech, product), conducting regular internal audits and managing tech non-conformities
- Conducting code reviews from a secure development point of view (about 80 releases per day, not all of which have security implications, but it is an important and recurring topic)
- Build/Improve secure development training materials and conduct regular training sessions with the developers
- Contribute to tenders to explain our security policies and provide the necessary technical details

Learn about Rails and React to detect vulnerabilities during code reviews and implement associated patches
- Strengthen the current means of detecting malicious attempts

These missions are not exhaustive and remain evolving.
- Working in an English-speaking environment doesn't scare you, you don't need to be bilingual. You need to be able to share your ideas and thoughts well in spoken and written English and to understand what is being said. If you need help with this, we can provide you with a Busuu subscription to improve your English immediately.
- You ideally have the following skills/experience
- You know how to exploit and fix a wide range of Web vulnerabilities (not just the OWASP top 10)
- You already have an experience in a programming language (Ruby, Python, JavaScript), either for quick and dirty scripting to exploit a vulnerability or for larger projects
- You have an experience in cloud infrastructure security
- You are able to popularize technical terms to facilitate the adoption of security measures within projects or to

  • Senior Security Engineer

    il y a 2 jours

    Paris, France Swile Temps plein

    At Swile, we believe that good products can help reduce friction in daily professional life and boost employee satisfaction. Today, we provide innovative solutions in various areas such as Fintech, Travel, HR, and Employee Benefits to more than 5.5 million users in 85,000 companies in France and Brazil. Your role as a DevSecOps Engineer centers around...

  • Application Security Engineer H/F

    il y a 2 semaines

    PARIS, 75000, Ile-de-France Pennylane Temps plein

    We aim to become the most beloved financial Operating System of European SMEs.We help business owners get rid of the time consuming hassle of handling accounting and finance, while giving them access to key information that they can use to make better decisions.Meanwhile, we're helping accountants. By using Pennylane, rather than doing manual and...

  • Application Security and DevSecOps Engineer, AXA DCP

    il y a 3 semaines

    Paris, France AXA Group Temps plein

    Application Security and DevSecOps Engineer, AXA DCP London London – UK , Wroclaw – Poland, Paris – France, Milan – Italy, Barcelona or Madrid – Spain AXA’s Management Committee is driving a unique strategic initiative - Digital Commercial Platform (DCP) – designed to transform AXA’s value proposition. Through DCP, AXA will serve...

  • Application Security and DevSecOps Engineer, AXA DCP

    il y a 2 semaines

    Paris, France AXA Group Temps plein

    Application Security and DevSecOps Engineer, AXA DCP London London – UK , Wroclaw – Poland, Paris – France, Milan – Italy, Barcelona or Madrid – Spain AXA’s Management Committee is driving a unique strategic initiative - Digital Commercial Platform (DCP) – designed to transform AXA’s value proposition. Through DCP, AXA will serve...

  • Senior Software Security Engineer

    il y a 3 semaines

    Paris, France P1 Security S.A.S. Temps plein

    **About P1 Security**: Founded in 2011 by serial entrepreneur and security expert Philippe Langlois, P1 security is on a mission to secure critical and sovereign mobile networks by providing services and technologies to identify, detect and recover from critical threats and vulnerabilities. P1 Security is one of the very few companies in the world tackling...

  • Security Solutions Architect

    Il y a 2 mois

    Paris, France Kudelski Security Temps plein

    We are looking for an experienced Security Solution Architect whose role will be to help our customers to build a Secure Future. In collaboration with our Sales and security engineering Teams, you will bring our clients outstanding technologies and services.You offer us :A solid expertise in cybersecurityExperience in specifying/offering SOC or MSS –...

  • Security Engineer

    il y a 5 jours

    Paris, France Scaleway Temps plein

    Depuis 1999, Scaleway, filiale du groupe Iliad, figure parmi les leaders du cloud computing Européen. Forte d'une équipe dynamique de près de 600 collaborateur(ice)s issus de tous horizons, notre entreprise offre un environnement de travail stimulant et international où se mêlent créativité, innovation et excellence technique. Situés à Paris et...

  • Security Engineer

    Il y a 2 mois

    Paris, France Groupe iliad Temps plein

    Le poste Depuis 1999, Scaleway, filiale du groupe Iliad, figure parmi les leaders du cloud computing Européen.Nous proposons à nos plus de 25 000 clients un catalogue diversifié de 80 produits dédiés à la création, au déploiement et à la mise à l'échelle d'applications de pointe.Forte d'une équipe dynamique de près de 600...

  • Security Engineer

    il y a 2 semaines

    Paris, France Groupe iliad Temps plein

    Le poste Depuis 1999, Scaleway, filiale du groupe Iliad, figure parmi les leaders du cloud computing Européen.Nous proposons à nos plus de 25 000 clients un catalogue diversifié de 80 produits dédiés à la création, au déploiement et à la mise à l'échelle d'applications de pointe.Forte d'une équipe dynamique de près de 600...

  • Associate Security Engineer

    il y a 1 semaine

    Paris, France Check Point Software Technologies Ltd. Temps plein

    **Your Team**: Are you a graduate that wants to make a career as a Security Engineer? Are you looking for a company to invest in your development? Look no further.. Here at **Check Point** we want to ensure we propel your career by taking you on a journey that puts you at the center of the learning. Be part of the most innovative international team of...

  • Security Engineer H/F

    il y a 2 semaines

    PARIS, France Free Temps plein

    Depuis 1999, Scaleway, filiale du groupe Iliad, figure parmi les leaders du cloud computing Européen.Nous proposons à nos plus de 25 000 clients un catalogue diversifié de 80 produits dédiés à la création, au déploiement et à la mise à l'échelle d'applications de pointe.Forte d'une équipe dynamique de près de 600 collaborateur(ice)s...

  • Head of Application Security

    il y a 1 semaine

    Paris, France M-KOPA Temps plein

    **We are looking for a Head of Application Security to lead our Application Security Team; **which provides intelligence on hacking of M-KOPA devices that in turn helps us strengthen and expand the digital and financial inclusion of our customers.**: **Overview**: This role would involve conducting in-depth hardware penetration testing / research,...

  • Security Engineer H/F

    il y a 2 semaines

    PARIS, France Scaleway Temps plein

    About the job :Our mission as a SOC & CSIRT Team is to ensure that our infrastructure and the one from our client is safe. You will participate in the design of our global security architecture and also train and raise awareness about security in our company.As a Security Engineer you will raise and monitor major security events, designing and building a...

  • Security Engineer H/F

    il y a 2 semaines

    PARIS, 75000, Ile-de-France Free Temps plein

    Depuis 1999, Scaleway, filiale du groupe Iliad, figure parmi les leaders du cloud computing Européen.Nous proposons à nos plus de 25 000 clients un catalogue diversifié de 80 produits dédiés à la création, au déploiement et à la mise à l'échelle d'applications de pointe.Forte d'une équipe dynamique de près de 600 collaborateur(ice)s...

  • Physical Security Engineer

    il y a 2 semaines

    Paris, France MPH Global Services Temps plein

    Industry: Oil & Gas City/Country: Paris, France Location: Paris, Île-de-France We are looking for a **Physical Security Engineer **for one of our clients with the following details: **Type of contract : CDI ( permanent Contract)** **Location: Paris** **Start Date: ASAP** Job Qualifications and Area of Expertise: - Bac+2/3, Electrical Engineering...

  • Security Engineer H/F

    il y a 2 semaines

    PARIS, 75000, Ile-de-France Scaleway Temps plein

    About the job :Our mission as a SOC & CSIRT Team is to ensure that our infrastructure and the one from our client is safe. You will participate in the design of our global security architecture and also train and raise awareness about security in our company.As a Security Engineer you will raise and monitor major security events, designing and building a...

  • Vulnerability Security Engineer

    il y a 1 mois

    Paris, France MANGOPAY Temps plein

    Company Description **Who are we ?** MANGOPAY’s vision is to fuel the success of the platform economy. We empower the platform economy with our platform-specific payment infrastructure. Since 2013, we have supported 2,500+ clients in e-commerce, retail, and cutting-edge platforms. MANGOPAY has developed a payment solution that aims to fuel the success...

  • Lead Security Engineer

    il y a 3 semaines

    Paris, France Dataiku Temps plein

    Headquartered in New York City, Dataiku was founded in Paris in 2013 and achieved unicorn status in 2019. Now, more than 1,000+ employees work across the globe in our offices and remotely. Backed by a renowned set of investors and partners including CapitalG, Tiger Global, and ICONIQ Growth, we’ve set out to build the future of AI. **The...

  • Security Engineer Cloud

    il y a 2 semaines

    Paris, Île-de-France Cherry Pick Temps plein

    Cherry Pick est à la recherche d'un "Security Engineer Cloud" pour un client dans le secteur du Retail à ParisContexte de la missionLe client a besoin de construire des fondations solides pour ses services. La Cloud Platform Engineering (CPE), initiative collaborative lancée en 2020, a pour but de répondre à cela.La CPE est transverse à l'ensemble des...

  • Security Engineer Cloud

    il y a 1 mois

    Paris, Île-de-France Cherry Pick Temps plein

    Cherry Pick est à la recherche d'un "Security Engineer Cloud" pour un client dans le secteur du Retail à ParisContexte de la missionLe client a besoin de construire des fondations solides pour ses services. La Cloud Platform Engineering (CPE), initiative collaborative lancée en 2020, a pour but de répondre à cela.La CPE est transverse à l'ensemble des...