Technical Security Expert

**Why Spendesk?**
At Spendesk, we’re building the leading spend management platform for modern businesses, processing billions of euros across Europe and beyond. **Security is at the heart of what we do**: our customers trust us to safeguard their financial data, and we’re committed to raising the bar for security in fintech. Join us at a pivotal moment as we scale our platform and expand our capabilities

**Your Mission**
As a **Technical Security Expert**, you’ll have a direct impact on the security posture of one of Europe’s fastest-growing fintechs. You’ll work hand-in-hand with product and engineering teams to embed security into everything we build. You’ll combine hands-on technical work with knowledge sharing, helping us stay ahead of threats in a constantly evolving landscape.

**Key Responsibilities**

**Champion security-by-design**:Advise and collaborate with development and infrastructure teams to embed security best practices from the start of every project.

**Lead technical security reviews**:

- Conduct in-depth code reviews (TypeScript, Node.js, Python) to uncover and remediate vulnerabilities.
- Analyze third-party libraries and dependencies, including reverse engineering when needed.
- Review Infrastructure-as-Code (Terraform) and multi-tenant AWS setups.

**Drive security audits & testing**:

- Propose actionable remediation strategies to strengthen our defenses.

**Own security monitoring**:

- Oversee and maintain our SIEM (ElasticSearch, multi-node Linux).
- Develop automation tools and scripts for proactive threat detection and incident response.

**Shape security culture**: Help update policies and procedures, and raise awareness across teams through coaching, workshops, and communication.
**Stay ahead of threats**: Monitor emerging vulnerabilities and attack techniques, and recommend adaptive defense strategies.

**What we're looking for**

**Must-haves**:

- Extensive technical experience in information security (typically 8+ years), with**hands-on expertise in at least two of the following: code auditing (TypeScript/Node.js/Python), infrastructure security (AWS/Linux/Terraform), penetration testing, or SIEM management.
- Deep understanding of secure development practices and modern web architectures (microservices, cloud/PaaS/SaaS).
- Strong scripting ability (Python, Bash, etc.).
- Experience with ElasticSearch in production environments.
- Excellent communication and collaboration skills; ability to explain complex security concepts to diverse audiences.
- Fluent English.

**Nice-to-haves**:

- Experience with reverse engineering and analysis of minified/obfuscated code.
- Knowledge of security standards (ISO 27001, OWASP, etc.).
- Experience with GCP, Datadog, or Snowflake.

French language skills.

**About Spendesk**
Spendesk is the AI-powered spend management and procurement platform that transforms company spending. By simplifying procurement, payment cards, expense management, invoice processing, and accounting automation, Spendesk sets the new standard for spending at work. Its single, intelligent solution makes efficient spending easy for employees and gives finance leaders the full visibility and control they need across all company spend, even in multi-entity structures. Trusted by thousands of companies, Spendesk supports over 200,000 users across brands such as SoundCloud, Gousto, SumUp, and Bloom & Wild. With offices in the United Kingdom, France, Spain and Germany, Spendesk also puts community at the heart of its mission.

**About our people & culture**
We believe that people do their best work when they’re given the freedom to thrive and grow. That’s why liberation is at the core of everything we do. We empower Spendeskers to take ownership of their work, to navigate ambiguity, and seize every opportunity. Spendeskers come from all over the world (35+ countries and counting) but we have plenty in common: we're bold, ever-curious, committed to kindness, and tackle every challenge with a positive mindset.

**About our benefits**
Our culture is built on trust, empowerment, and growth — with benefits to match
- Flexible on-site and remote policy
- Lunch 60% funded by Spendesk (Swile Card)
- Alan Premium health insurance
- A Gymlib pass to let off steam after a productive day at work
- Access to Moka.care for emotional and mental health wellbeing
- Latest Apple equipment
- Great office snacks to fuel your day
- A positive team to work with daily

**Diversity & Inclusion**

At Spendesk, we're committed to fostering an environment where all differences are encouraged, supported and celebrated. We're building our culture for everyone, with everyone. Our goal is to attract and build a diverse, equal and inclusive team, where everyone feels welcome and we truly embrace and encourage people from all backgrounds to apply.