RemoteLeaf Logo
Log in Sign up

Senior Application Security Engineer

4 weeks ago
France, Spain, United Kingdom, Croatia, Poland, Portugal, Romania, Germany, Greece, Ireland, Italy
Full-time
Senior
Application Security Engineer
Cybersecurity
AWS CI/CD JavaScript Kubernetes Penetration Testing Python React Ruby Ruby on Rails
Apply Now
Pennylane

Pennylane

Pennylane offers an all-in-one financial management and accounting platform designed for business leaders and their accountants, enabling them to efficiently manage their finances and accounting in one place while focusing on their core business activi...

Diversified Financial Services
251-1K
Founded 2020
$97M raised
View All Jobs 23

Description

  • Ensure the security of Pennylane’s application, infrastructure, dependencies, code, and configuration.
  • Work with the Product team to integrate security from feature design through delivery.
  • Review code from a secure development perspective across a high release volume.
  • Detect vulnerabilities, propose patches, and help strengthen CI/CD security controls.
  • Secure AWS infrastructure, including the Kubernetes environment, with the DevOps team.
  • Perform regular security assessments such as code reviews, pentests, and bug bounty-related analysis.
  • Strengthen detection of malicious activity and respond to security incidents by investigating logs, blocking attacks, and recommending corrective actions.
  • Support ISO 27001 compliance for development-related controls through training, audits, and non-conformity management.
  • Build and improve secure development training materials and deliver regular training to developers.
  • Promote security awareness across the company and contribute technical input to tenders.

Requirements

  • Experience performing offensive security assessments on applications and infrastructure.
  • Ability to exploit and fix a wide range of web vulnerabilities beyond the OWASP Top 10.
  • Experience with at least one programming language such as Ruby, Python, or JavaScript.
  • Experience with cloud infrastructure security.
  • Ability to explain technical security topics to non-technical audiences.
  • Fluency in French and/or English, both spoken and written.
  • Humble, proactive, organized, and able to work well in a remote, collaborative environment.
  • Quick learner who is comfortable working across application security, cloud security, training, and ISO 27001 topics.
  • English level is assessed and appreciated according to the department.
  • Experience with Ruby on Rails, ReactJS, AWS, and Kubernetes is relevant to the role.

Benefits

  • 25 paid vacation days.
  • Competitive compensation package.
  • Company shares/equity.
  • Home office budget plus a monthly coworking allowance.
  • Access to Gymlib with 8,000 fitness spaces and 300+ wellness activities across Europe.
  • Access to Busuu for English or French language learning.
  • Latest Apple equipment.
  • Remote work from your country of residence in Europe, within a maximum two-hour time difference from CET.
  • For France-based employees: French contract, 6 to 12 RTT, 5 weeks of PTO, Swile lunch credits, and Alan Blue healthcare coverage.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Funding Societies

Product Security Intern

Funding Societies 251-1K Capital Markets

Funding Societies | Modalku is seeking a Product Security Intern to help strengthen secure software development and security automation across its engineering environment using Generative AI and modern security tooling.

India Indonesia Malaysia Singapore Thailand Full-time Entry Level AI Engineer Application Security Engineer
Bash CI/CD Cybersecurity Encryption Generative AI Git Go JavaScript LLM Penetration Testing Python
3 hours, 20 minutes ago
Onit

Senior Application Security Engineer

Onit 251-1K IT Services

Onit is hiring a Senior Application Security Engineer in Pune to secure its SaaS applications, APIs, and AI-driven platform through hands-on security architecture, risk assessment, and vulnerability management.

India Full-time Senior Application Security Engineer
AWS Azure CI/CD DevSecOps GCP GraphQL OAuth OpenID Connect REST API SAML SonarQube System Design
12 hours, 53 minutes ago
Airtable

Product Security Engineer

Airtable 1K-5K IT Services

Airtable is hiring a Product Security Engineer to secure its application layer as the platform expands its AI and LLM-powered offerings.

United States Full-time Senior Application Security Engineer
$187k-$260k
JavaScript Node.js Penetration Testing TypeScript
17 hours, 36 minutes ago
Chainguard

Staff Product Security Engineer

Chainguard 51-250 Internet Software & Services

Chainguard is hiring a Staff Product Security Engineer to embed security into cloud-native product delivery, harden Kubernetes and CI/CD environments, and reduce supply chain risk across its open source build platform.

Canada Full-time Lead Application Security Engineer
AWS CI/CD GCP GitHub Actions Go Kubernetes OWASP Penetration Testing Python Secrets Management Tekton
1 day, 17 hours ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers