Application Security Engineer Porto

Application Security Engineer
Porto
Porto, Porto District, Portugal

Are you looking to have an impact on the daily life of millions of entrepreneurs in France (and tomorrow in Europe)?

Are you looking for a work environment that values trust, proactivity, and autonomy?

Are our Engineering principles aligned with your vision?

Then Pennylane is the right place for you!

Our vision

We aim to become the most beloved financial Operating System of French SMEs (and soon, European ones).

We help entrepreneurs rid themselves of
- consuming tasks related to accounting and finance while providing them with access to key financial information to assist in making the best decisions for their business.

About us

Pennylane is one of the fastest growing Fintechs in France (and soon to be in Europe!).

In 4 years of existence, we’ve managed to:

1. Make ourselves known as a groundbreaking accounting and financial software for small businesses and their accountants.
2. Raise a total of €150 million, including from Sequoia, the famous fund from Silicon Valley.
3. Grow from 7
   - founders to 550+ happy Pennylaners.
4. Build an international environment with more than 25 nationalities.
5. Earn the trust of thousands of customers and accounting firms.

Already more than 350, 000 small and
- sized enterprises (SMEs) and over 4, 500 accounting firms use Pennylane in France!

WHY this position is of utmost importance to reach our mission

We are looking for an Application Security Engineer to join Louis and Romain in the technical security team. Reporting directly to Guillaume, our Head of Information Security, you will be responsible for all technical matters involving security issues. You will have a key role in advising, assisting, informing, training and alerting all employees (especially developers).

The technical security team is involved from the identification/detection of a security issue to its resolution.

Your tasks

You will be required to work on:

• All technical security issues/projects while providing technical support on compliance needs.
• Security by design within the projects by discussing with the teams to consider the security risks.
• Ensure the security of the main Web application in Ruby on Rails and React.
• Conduct and perform regular security assessments on the applications and the infrastructure.
• Ensure compliance with ISO 27001 controls related to development.
• Conducting code reviews from a secure development point of view.
• Build/Improve secure development training materials and conduct regular training sessions.
• Learn about Rails and React to detect vulnerabilities during code reviews.

These missions are not exhaustive and remain evolving.

You’re the right candidate if

You are mid/senior level in defensive or offensive application security. Working in an English-speaking environment doesn't scare you. You ideally have the following skills/experience:

• Able to perform offensive security assessments.
• Experience in a programming language (Ruby, Python, Java
  Script).
• Experience in cloud infrastructure security.
• Ability to popularize technical terms.
• Autonomous, proactive and organized.

Bonus: if you have already developed in Ruby or React and/or if you have technical application security certifications.

What do we do to make your work life easier?

• You’ll be able to work fully from home or any
  - working space in France.
• You’ll have a competitive compensation package.
• You’ll get company shares.
• You’ll have additional days off.
• You’ll have lunch credits.
• You’ll have great healthcare cover.
• You’ll have a budget to turn your home into a more comfortable workspace.
• You’ll have access to fitness spaces and wellness activities.

What does the recruitment process look like?

- You will first have a general chat with Maxime (Technical Recruiter).

- Then you’ll meet Louis and Romain - Application Security Engineers.

- Finally, a last culture fit meeting with one of our
- founders.

We make sure we move fast; you can expect the recruitment process with us to last between 15 and 25 days in total.

Who are we looking for?

To thrive at Pennylane, you need:

• To speak English.
• To be energized by an
  - shifting work environment.
• To be highly collaborative.
• Sufficiently experienced to prioritize
  - led actions.

We know that some people are less likely to apply than others, if they don’t feel like they meet the full list of criteria. If you’re hesitating, we encourage you to apply.

We are committed to providing an equal employment opportunity regardless of gender, sexual orientation, origin, disabilities, or any other traits that make you who you are.