Senior Security Engineer

Our Mission Creating the freedom for SMEs to succeed in business and beyond, by delivering Europe’s leading finance workspace. We combine business‑class tools (seamless invoicing, spend management, and pre‑accounting) with unwaveringly attentive 24/7 support, designed to help businesses breeze through all things finance. Our Journey Founded by Alexandre and Steve in July 2017, Qonto has rapidly gained trust, serving over 600,000 customers. Thanks to our wonderful team of 1,600+ Qontoers, we also made it to the LinkedIn Top Companies French ranking Our Values Customer focus — Prioritize customers in everything you do Ownership — Own your part, get things done Teamwork — Make teamwork easy Mastery — Continuously raise the bar Integrity — Always do what’s right, and respect people Our Beliefs At Qonto, we’re committed to fostering a welcoming environment where everyone can thrive. We prioritize evaluating applicants based solely on skills and potential, ensuring diversity: 55% international team members, 44% women, 20% parents. Discover the steps we took to create a discrimination‑free hiring process. ⭐ Mission: Security Engineer Join us as a Security Engineer to protect our company and our clients while adopting a pragmatic approach to security that enables us to scale the business safely and rapidly as we start the journey to become a Credit Institution ⚡ Impact As a Security Engineer, you will keep Qonto’s systems and applications bulletproof. You will audit our applications, find creative ways to abuse and secure our infrastructure, and work on exciting security features to protect our growing user base. You will join our security team led by Ayoub, our Security Director. You will report directly to Pierre, our Security Team Lead, and join a team composed of 8 Security Engineers. Responsibilities Apply your strong security expertise to secure our exciting tech stack: AWS, Kubernetes, Kafka, MacOS, Golang, and so on… Leverage your threat modeling knowledge to shape the roadmap of the team and prioritize the most impactful projects. Develop and implement internal tools to find security vulnerabilities, mitigate them, and detect suspicious behavior. Work with product and developers during system, code, and design reviews to ensure that Qonto’s applications are built according to top security standards. Share your knowledge with the team through everyday feedback and internal training. Investigate security incidents and perform forensics analysis. Enrich your security expertise and contribute to making Qonto an increasingly reputable company in the InfoSec domain. 🧠 What You Can Expect Spend time designing robust and scalable solutions. The security team at Qonto “does tech”: they build the systems on AWS, pair with developers on Go apps, and work closely with the infrastructure team on Kubernetes. Collaborate with other teams from developers to ops engineers: be a part of a team that doesn’t just “create tickets” but directly contributes to improving the system. Contribute with autonomy in the security of the system: identify vulnerabilities, perform PoC, build mitigation, and detection rules. Grow your career: the team is relatively small and in construction, so there are a lot of opportunities and things to do 🤝 Your future manager Manager: Pierre, in charge of the Security team. Background: Started career performing internal pentests for banks or European institutions. Switched to the Blue side by joining Qonto as the first security engineer and laid the foundations for many security systems like our monitoring and detection system or the web application firewall. 🏅About You Experience: Familiar with common attack scenarios, either through pentester or auditor experience or as part of a blue team working in a cloud‑based environment. Mastery Cloud experience (AWS, GCP, or similar cloud provider) — MANDATORY: hands‑on experience working with cloud infrastructure. Programming skills — MANDATORY: code and build solutions (Python expected, Golang is a plus, or any language demonstrating strong development capabilities). Strong knowledge of how web applications and the internet work and of secure coding best practices and OWASP. Ability to recognize application and system vulnerabilities and exploit them. Knowledge of safely orchestrating deployments on CI/CD pipelines (handling secrets, avoiding cache poisoning, isolating jobs, etc.). Experience investigating security incidents using forensics tools. Mindset Problem‑solving: pragmatic and solution‑oriented. Continuous improvement: willing to learn about new technologies. Curiosity: curious, open‑minded, passionate about information security. Teamwork: good communication skills and collaboration. Languages: fluent in English. 🎁 Perks Offices in Paris, Berlin, Milan, Barcelona, and Belgrade. Competitive salary package. Meal vouchers. Public transportation reimbursement. Health insurance (depending on the country). Employee well‑being initiatives: access to Moka Care, sports and wellness activities. Progressive disability and parenthood policy, childcare benefits. Monthly team events. 💬 Our hiring process Interviews with your Talent Acquisition Manager and future managers. A remote or live exercise to demonstrate your skills. On average, our process lasts 20 working days and offers usually follow within 48 hours. Additional Information To learn more about us: Qonto's Blog, Les Échos, I L'Usine Digitale, Courrier Cadres. To know how your personal data will be processed during your application process or to request its deletion, please click here. #J-18808-Ljbffr