Senior Application Security Engineer
M&T BankSalary not specified
Full Time
Senior (5 to 8 years), Expert & Leadership (9+ years)
Not SpecifiedCompensation
Senior (5 to 8 years), Expert & Leadership (9+ years)Experience Level
Full TimeJob Type
UnknownVisa
FinTechIndustries
Requirements
Candidates should possess a minimum of 10 years of experience in information security, demonstrating proven technical expertise. Strong experience in development and code auditing, particularly in TypeScript, Node.js, and Python is required, as well as proficiency in ElasticSearch with the ability to deploy and maintain a multi-node Linux infrastructure from scratch. Expertise in reverse engineering and analyzing minified or obfuscated code is also necessary, alongside deep knowledge of decentralized web architecture (microservices) and PaaS/SaaS providers (AWS, GCP, Datadog, Snowflake, etc.).
Responsibilities
As a Technical Security Expert, you will support developers by collaborating closely with development and infrastructure teams, discussing best practices, and promoting a security-by-design culture in projects. You will conduct in-depth code reviews to identify and fix security vulnerabilities in TypeScript code, perform dependency audits via reverse engineering, and execute infrastructure audits on Infrastructure-as-Code (IaC) Terraform within a multi-tenant AWS platform. Additionally, you will conduct tool audits, oversee SIEM management, plan and execute penetration tests, contribute to updating security policies, supervise their implementation, and stay up to date on emerging threats, vulnerabilities, and attack techniques, recommending appropriate defense strategies. Furthermore, you will develop scripts and tools to automate security tasks, including incident detection and response, and train and raise awareness among internal teams about security challenges, secure coding practices, and security tool usage.
Skills
TypeScript
Node.js
Python
ElasticSearch
Linux
Reverse Engineering
AWS
GCP
Datadog
Snowflake
Penetration Testing
Bash
Microservices
Spendesk
Financial technology for expense management
About Spendesk
Spendesk offers a financial technology platform that helps businesses manage their spending more effectively. The platform provides finance teams with a clear overview of all company expenses, including both virtual and physical transactions. It allows users to track expenses, validate them, and maintain a traceable workflow, which helps automate the expense management process while ensuring control over spending. Spendesk is designed to be user-friendly, with a high satisfaction rate among its clients, who find it easy to transition to the platform. Unlike many competitors, Spendesk captures over 95% of receipts on time, giving businesses real-time visibility into their expenditures. The company operates on a subscription model with no hidden fees, making it accessible for businesses of various sizes. The main goal of Spendesk is to streamline financial processes for companies, enabling them to make faster and smarter spending decisions.
Paris, FranceHeadquarters
2016Year Founded
$279.6MTotal Funding
SERIES_CCompany Stage
Fintech, Financial ServicesIndustries
201-500Employees
Benefits
Transport reimbursements - Monthly contribution to your transportation card (metro, bus or train).
Offsite and events - Regular team events to exchange with other Spendeskers and get to know each other better
Personal Day - 3 personal days per year to rest and enjoy life
€50 on your Spendesk card - To buy anything you need for work
For Spendeskers with kids - Generous parental leave & a lot of flexibility for working parents
Great offices - In the hearts of Berlin, London, Paris, and San Francisco.
Risks
Increased competition from fintech companies may erode Spendesk's market share.
Regulatory risks arise from operating a payment institution with Spendesk Financial Services.
Geopolitical risks may impact expansion into new markets with Adyen's banking licenses.
Differentiation
Spendesk offers a comprehensive spend management solution with real-time expense visibility.
The platform integrates seamlessly with existing accounting and financial software via APIs.
Spendesk Financial Services provides end-to-end control over payment services infrastructure.
Upsides
ISO 27001:2022 certification enhances Spendesk's reputation for information security.
Partnership with Adyen supports global expansion and compliance across key markets.
Procure-to-pay solution expands product offerings for European SMBs.
Related Jobs
RemoteRemoteSenior Security Engineer
BraceSalary not specified
- Full Time
- Senior (5 to 8 years)
RemotePrincipal DevSecOps Engineer
Second Front SystemsSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteSecurity Engineer, Cloud Security
Red Cell PartnersSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteSecurity Architect
EarnestSalary not specified
- Full Time
- Expert & Leadership (9+ years)
RemoteSenior Penetration Tester
HumanaSalary not specified
RemoteCode Edit Disputes Medical Coder
HumanaSalary not specified
RemoteSr. Information Security Analyst
ValonSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteSales Engineer - Federal
SpyCloudSalary not specified
- Full Time
- Expert & Leadership (9+ years)
RemoteSoftware Engineer, Security
Render$193,000 - $265,000/year
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteSecurity Engineer, Infrastructure Security
OpenAI$292,500 - $405,000/year
- Full Time
- Junior (1 to 2 years)
RemoteEngineering Manager - Release Monitoring
LaunchDarklySalary not specified
RemoteSenior Security Analyst, Vulnerability Management
VantaSalary not specified
RemoteSecurity Operations Lead
EarnestSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteSecurity Analyst
Qualified.com$130,000 - $145,000/year
- Full Time
- Junior (1 to 2 years)