Security Engineer

Security Engineer

Position Overview

Malt is seeking a Security Engineer to join its growing team. As part of the Security squad within the product team, you will play a crucial role in ensuring the security of our freelancers and clients. You will also collaborate with IT to provide secure and efficient tools for all departments, addressing the evolving security landscape and potential threats.

Key Responsibilities

• Vulnerability Management:
  • Reduce the vulnerability backlog.
  • Industrialize SCA/SAST & DAST processes.
  • Maintain and improve the bug bounty program.
  • Organize internal pentests.
  • Ensure 100% of developers are trained in secure coding practices.
• Corporate & Product Security:
  • Develop and maintain the alerting system on the SIEM.
  • Respond efficiently to security alerts.
• Incident Response:
  • Identify incidents through a monitoring plan (including rule detection and associated dashboards).
  • Assess the existence and severity of incidents.
  • Efficiently resolve incidents.
• Platform Security Enhancement:
  • Design and implement solutions to proactively mitigate cybersecurity risks.
  • Detect and address unfair usage of the platform.
• Security Advocacy & Improvement:
  • Support, advise, and empower engineering teams in implementing security best practices.
  • Participate in improving the security excellence of the development team.
  • Spread security best practices across Malt.
  • Participate in communities of practice (SRE, security, back-end, front-end).
  • Continuously increase knowledge through active security and software research.
  • Participate in animating the security community of practice with members from all squads.
• Collaboration & Architecture:
  • Participate in product architecture decisions, fostering collegial decision-making.
  • Engage in discussions about best practices.

About You

• Minimum 4 years of experience in software security within an engineering team.
• Strong understanding of web application security risks, particularly OWASP, and a proven ability to implement solutions to address them.
• Comfortable with modern web applications (Single page applications, REST, Cloud infrastructure, emails).
• Familiarity with Object-Oriented programming (e.g., Java or Python).
• Proficiency in Web programming languages (JavaScript and/or TypeScript).
• Proficient in at least one Cloud platform.

Company Information

Malt is Europe's leading freelance marketplace, connecting over 700,000 talented freelancers with 70,000+ companies. Founded in 2013, Malt is transforming how work gets done through its tech-powered, human-centered platform.

What makes Malt different:

• A diverse team of 600 Malters across 6 European countries.
• A culture that champions equality (50% of our Comex are women) and inclusive growth.
• Backed by top investors including ISAI, Serena Capital, Eurazeo Growth, Goldman Sachs, and BPI.
• A mission to give everyone the freedom to work differently.

Tech Stack

• Frontend: TypeScript, Vue.js, Nuxt, Internal Design System, Stencil.js
• Backend: Kotlin, Java Spring Boot, Gradle, PostgreSQL, MongoDB, Elasticsearch, RabbitMQ, Redis
• Platform: Google Cloud Platform, Kubernetes, Terraform, ArgoCD, Gitlab CI
• Mobile: Swift, Kotlin
• Data: Big Query, Looker, Spark, Python

Malt practices continuous integration and delivery, updating the platform around 70 times per week in production. We intensively use Datadog for production monitoring and alerting.

Employment Type

FR Executive/Cadre

Salary

Information not provided.

Location Type

Information not provided.