Senior Application Security Engineer
Il y a 6 mois
A better internet, where privacy is the default, is possible. Building this better internet might seem daunting or even unthinkable, but at Proton, this is what we do every day.
Proton was founded in 2014 by a group of scientists who met at the European Organization for Nuclear Research (CERN). Our first product, Proton Mail, is now the world’s largest encrypted email service. Subsequent Proton products, such as Proton VPN, Proton Calendar, Proton Drive and Proton Pass give our users full control over how and with whom their data is shared.
Today, Proton makes privacy universally accessible. Journalists from outlets like The Guardian and The New York Times, some of the world’s largest organizations, and people in more than 180 countries have signed up for over 100 million accounts. Our diverse and dynamic team is made up of more than 400 members representing over 40 different nationalities. While we are based in Geneva, Switzerland, we have offices in Zurich, Prague, London, Vilnius, Skopje, Taipei, Paris, Barcelona and many more employees working remotely around the world.
Join one of Europe’s fastest-growing companies to help us solve challenging problems and build new products that will reach hundreds of millions of people. We want to create more than just one of the world’s most impactful tech companies; we want to create a new internet that serves the interests of all people. We need you, your voice, your ideas, and your ambition to make it happen.
The Team:
The Security team is tasked with protecting Proton’s and its users against various cyber-security threats. We ensure the confidentiality, availability and integrity of thousands of assets, necessary to the fulfillment of Proton’s privacy mission. Since 2018, the team has been providing services to other business units, including security monitoring, risk management, internal advisory, product security, vulnerability management and identity & access management. Our mandate includes the protection of people, devices, applications, infrastructure, data, software and our products. We work mainly with on-prem infrastructure and open source tools.
The security team is small yet mighty. We are a close-knit group of people who work hard to help Proton achieve its mission. We strongly believe that we cannot protect our users' privacy if we do not protect the company's security.
Tech Stack and Tools:
Proton currently offers the following products: Mail, Calendar, VPN, Pass, Drive, each of which is available on multiple platforms, including Windows, MacOS, iOS and Linux. Our infrastructure is entirely composed of Linux machines. Wherever we can, we make use of open-source technologies.About the role:
You will be leading our efforts to ensure that Proton's applications are secure
What you will be doing:
Perform penetration tests on Proton products, both those released to the public and notSupport bug bounty triage by reproducing submissions and assessing their potential impactWorking with engineering teams to remediate identified bugsIdentifying and implementing improvements in product security and secure codingWork with the wider Security and developer units to create security guidelinesDemonstrate the value of an “assume breach” mentalityPerform threat modeling and security reviews: review the design of services from a security perspective to identity vulnerabilities and weaknesses in the architecture and designWhat we are looking for:
Proven experience in organizing and executing penetration tests/red team operationsA proactive and creative application security engineerA proactive and creative mindset to come up with efficient and effective ways to continuously improve the security of our productsExpertise in threat modeling Experience with at least two of the following iOSAndroidWindowsMacOSLinux Strong skills in coding and code review for at least two of the following GoRustPythonNice to have:
Experience or knowledge about open source tools for application security testing Experience in automationA toolbox for application security testingExperience or knowledge of infrastructure penetration testsEven if you don’t meet all the requirements listed above, but feel you could still be a great fit, please still apply.
Why should you join Proton?
Be part of a movement - Proton is not just a product or service but a community-driven movement united by a shared vision of online freedom. Our services are open source, audited, and supported by community contributions. We give back to our community by maintaining core encryption libraries and by supporting other organizations furthering the same goals as us. Proton is free, open source, neutral, independent, and community first, while remaining financially sustainable.Work with smart and dedicated people - Our team is diverse, collaborative, and tight-knit with people coming from all walks of life, including many of the world’s top academic institutions and organizations, such as MIT, Harvard, Stanford, Caltech, Cambridge, and ETH.Join a strong brand - Our encrypted email service - Proton Mail - has grown to be a staple of online security and privacy. Proton has been featured in multiple popular television and film productions, such as Mr. Robot, Knives Out, Sounds of Metal, and more.Grow with us - We’re one of Europe’s fastest-growing startups, doubling in size every year. Our growth gives you limitless career and educational opportunities as well as the opportunity to work side-by-side with many world-leading experts in their fields.Have your voice heard - We value your opinion and encourage you to speak up and share your ideas and thoughts. At Proton, no problem is someone else’s problem. We collectively strive to do the right thing and be the undisputed best in the world at everything we do.Benefits – these vary by location and type of contract but expect support on your vacation, parental leave, refreshment if working from the office, learning and development opportunities, equity for shared success, flexible working hours and remote work, company events and team building activities.Proton does not accept unsolicited resumes from any sources other than directly from a candidate. Proton will not pay a fee for any placement resulting from the receipt of an unsolicited offer, even in a situation when the relevant candidate is employed by Proton.
-
Senior DevSecOps Engineer
il y a 3 semaines
Paris, Île-de-France Aqua Security Temps pleinAbout Aqua SecurityAqua bridges the gap between DevOps and security, promoting business agility and accelerating digital transformation.Salary Range:$120,000 - $180,000 per annum, depending on experience.Job Description:As a Senior DevSecOps Engineer at Aqua, you will play a critical role in ensuring the security of running software containers. Your...
-
Senior Security Engineer
Il y a 7 mois
Paris, France Swile Temps pleinAt Swile, we believe that good products can help reduce friction in daily professional life and boost employee satisfaction. Today, we provide innovative solutions in various areas such as Fintech, Travel, HR, and Employee Benefits to more than 5.5 million users in 85,000 companies in France and Brazil. Your role as a DevSecOps Engineer centers around...
-
Senior Cloud Security Engineer
il y a 3 semaines
Paris, Île-de-France Datadog Temps pleinJob DescriptionWe are seeking a skilled Senior Cloud Security Engineer to join our SDLC Security team at Datadog. In this role, you will play a critical part in securing our software supply chain and ensuring the integrity of our internal and client-facing applications.About DatadogAs a global leader in cloud monitoring and security, Datadog is on a mission...
-
Senior Security Engineer PTA
Il y a 2 mois
Paris, Île-de-France P1 Security Temps pleinWe are seeking a senior software security engineer to maintain, troubleshoot, upgrade and enhance P1 Telecom Auditor (PTA), our automated telecom vulnerability and security scanner.Our team is remote-first, with a reasonable amount of overlap with Central European Time, as this is where the majority of the team is based and real-time collaboration is often...
-
Cloud Security Engineer
il y a 2 semaines
Paris, Île-de-France Aqua Security Temps pleinCompany OverviewAqua Security is a leading provider of cloud-native security solutions, helping enterprises secure their applications from development to production.We are a global scale-up company with a strong track record of innovation and growth, and we're looking for talented individuals to join our team.About the RoleThis is an exciting opportunity to...
-
Field Applications Engineer – Security Silicon IP
Il y a 2 mois
Paris, France IC Resources Temps pleinField Applications Engineer – Security Silicon IP Are you an experienced Field Applications Engineer with a passion for embedded security, semiconductor IP and cryptography? Join a global leader in Security Silicon IP as a Field Applications Engineer and play a key role in bringing cutting-edge customer solutions to life. The Role: As a Field Applications...
-
Security Engineering Manager
il y a 3 semaines
Paris, France Datadog Temps pleinDatadog Application Security Management (ASM) allows customers to manage application security risk with continuous, real-time monitoring of vulnerabilities and threats against your web applications, serverless applications, and APIs, in production. Automatically integrated with Application Performance Monitoring (APM) distributed tracing and code-level...
-
Senior Software Security Engineer PTA
il y a 3 semaines
Paris, France P1 Security Temps pleinWe are looking for a senior software/security engineer to join our team to maintain troubleshoot upgrade and enhance P1 Telecom Auditor (PTA) our automated telecom vulnerability and security scanner. Our teams are remotefirst but your working hours will need to have a reasonable amount of overlap with Central European Time as this is where the majority of...
-
Cloud Security Engineer
il y a 3 semaines
Paris, Île-de-France Aqua Security Temps pleinJob DescriptionAqua Security is seeking a seasoned Cloud Security Engineer to join our team as we continue to revolutionize cloud-native security.About the RoleWe are looking for an experienced engineer with a strong background in cloud security and architecture to design, implement, and maintain secure cloud solutions for our enterprise clients. The ideal...
-
Application Security Engineer
Il y a 7 mois
Paris, France Pennylane Temps pleinAre you looking to have an impact on the daily life of millions of entrepreneurs in France and Europe? Do you thrive in a trustful, fast-paced environment? Do you feel like our Engineering principles are aligned with your vision ? Then Pennylane might be the right place for you — and you, might be the perfect fit for this role **Our vision** We aim to...
-
Security Researcher
il y a 4 semaines
Paris, France Datadog Temps pleinThe Security Research team at Datadog performs cutting-edge research and development in Cloud Security, Threat Research, Application Security, and Detection Engineering to further equip Datadog customers with the best protection against threat actors targeting their production infrastructure. As part of the overall Security Research organization, you will...
-
Security Researcher
il y a 3 semaines
Paris, France Datadog Temps pleinThe Security Research team at Datadog performs cutting-edge research and development in Cloud Security, Threat Research, Application Security, and Detection Engineering to further equip Datadog customers with the best protection against threat actors targeting their production infrastructure. As part of the overall Security Research organization, you will...
-
Senior Security Engineer
il y a 5 jours
Paris, France JobTeaser Temps plein**Experience **:3 to 5 years - **Related jobs **:Programming - **Industries **:Digital / E-commerce, Recruitment / Training - **Remote work type **:Not specified - **Business type **:Start-up - **Application deadline **:The job will be removed when the position is filled **Company Description** **Who are we?** Serving 4 million students and recent...
-
Digital Security Strategist
il y a 2 semaines
Paris, Île-de-France Aqua Security Temps pleinJob OverviewAqua Security is seeking a seasoned Digital Security Strategist to join their team. This role requires expertise in providing subject-matter guidance on the security of running software containers.Key ResponsibilitiesCollaborate with enterprise clients to assess and improve their container security postureDevelop and implement comprehensive...
-
Security Researcher
il y a 3 semaines
Paris, France Datadog Temps pleinThe Security Research team at Datadog performs cutting-edge research and development in Cloud Security, Threat Research, Application Security, and Detection Engineering to further equip Datadog customers with the best protection against threat actors targeting their production infrastructure. At Datadog, we place value in our office culture - the...
-
Senior Application Security Lead
il y a 1 semaine
Paris, Île-de-France Datadog Temps pleinJob OverviewWe are seeking an experienced Engineering Manager I to lead our open-source security libraries team. As a key member of our engineering organization, you will oversee one or more of our open-source security libraries in Ruby, Python, or Go, manage a team of 3+ Engineers, and contribute to library development, integration of new security...
-
Engineering Manager I
il y a 3 semaines
Paris, France Datadog Temps pleinDatadog Application Security Management (ASM) allows customers to manage application security risk with continuous, real-time monitoring of vulnerabilities and threats against your web applications, serverless applications, and APIs, in production. Automatically integrated with Application Performance Monitoring (APM) distributed tracing and code-level...
-
Engineering Manager I
il y a 4 semaines
Paris, France Datadog Temps pleinDatadog Application Security Management (ASM) allows customers to manage application security risk with continuous, real-time monitoring of vulnerabilities and threats against your web applications, serverless applications, and APIs, in production. Automatically integrated with Application Performance Monitoring (APM) distributed tracing and code-level...
-
Security Engineer I, Offensive Security Penetration
il y a 5 heures
Paris, France Amazon Technological Services Temps plein1+ years of experience in a penetration testing or information security role - 1+ years of experience with dynamic and manual code auditing to identify security issues - 1+ years of experience with interpreted or compiled languages (e.g. Python, Ruby, C/C++, Java,.NET) - Experience with threat modeling, design review, or other threat analysis techniques -...
-
Senior Software Security Engineer
Il y a 7 mois
Paris, France Ledger Temps plein**We're making the world of digital assets accessible and secure for everyone. Join the mission.** Founded in 2014, Ledger is the global platform for digital assets and Web3. Over 20% of the world’s crypto assets are secured through our Ledger Nanos. Headquartered in Paris and Vierzon, with offices in UK, US, Switzerland and Singapore, Ledger has a team...
