Application Security Engineer (Fintech)

TL;DR

Application Security Engineer (Fintech): Ensuring the security of hirify.global's application and infrastructure with an accent on integrating security into features from design to delivery. Focus on vulnerability management, compliance with ISO 27001 controls, and improving security awareness throughout the company.

Location: You'll be able to work remotely from your country of residence, as long as it is in Europe and within a maximum time difference of two hours from the CET time zone

Company

hirify.global is a fast-growing Fintech in France, providing accounting and financial software for small businesses and their accountants.

What you will do

• Ensure the security of hirify.global’s application and infrastructure.
• Engage with the Product Team to integrate security into features from design to delivery.
• Conduct code reviews from a secure development point of view and detect vulnerabilities.
• Secure the AWS infrastructure, including its Kubernetes environment, in collaboration with the DevOps team.
• Ensure compliance with ISO 27001 controls related to development by training developers and conducting internal audits.
• Improve security awareness throughout the company and contribute to tenders by explaining security policies.

Requirements

• Able to perform offensive security assessments on an infrastructure and an application.
• Know how to exploit and fix a wide range of Web vulnerabilities and are able to explain them to non-technical person.
• Experience in a programming language (Ruby, Python, JavaScript).
• Experience in cloud infrastructure security.
• Fluent in French and/or English (both oral and written).
• You are a team player, and working with remote colleagues is not an issue for you

Culture & Benefits

• 25 vacation days paid by hirify.global, wherever you are based.
• Competitive compensation package and company shares.
• Budget to turn your home into a comfortable workspace and a monthly allowance for coworking.
• Access to fitness spaces and wellness activities through Gymlib.
• Access to Busuu to perfect your English or French.
• Regular company events, such as Tech Days and an annual company seminar.

Hiring process

• General chat with Talent Acquisition (30min).
• Technical interview with the AppSec Team Lead and a team member (1h).
• Independently carry out the technical challenge for the next 48h.
• Discuss your solutions with the team (1h).
• Culture fit meeting with the Head of Security (1h).