RemoteLeaf Logo
Log in Sign up

Senior Application Security Engineer

2 months ago
France, Spain, United Kingdom, Croatia, Germany, Greece, Ireland, Italy, Poland, Portugal, Romania
Full-time
Senior
Application Security Engineer
Cybersecurity
AWS CI/CD JavaScript Kubernetes Penetration Testing Python React Ruby Ruby on Rails
Apply Now
Pennylane

Pennylane

Pennylane offers an all-in-one financial management and accounting platform designed for business leaders and their accountants, enabling them to efficiently manage their finances and accounting in one place while focusing on their core business activi...

Diversified Financial Services
251-1K
Founded 2020
$97M raised
View All Jobs 23

Description

  • Ensure the security of Pennylane’s application, infrastructure, dependencies, code, and configuration.
  • Work with the Product team to integrate security from feature design through delivery.
  • Review code from a secure development perspective across a high release volume.
  • Detect vulnerabilities, propose patches, and help strengthen CI/CD security controls.
  • Secure AWS infrastructure, including the Kubernetes environment, with the DevOps team.
  • Perform regular security assessments such as code reviews, pentests, and bug bounty-related analysis.
  • Strengthen detection of malicious activity and respond to security incidents by investigating logs, blocking attacks, and recommending corrective actions.
  • Support ISO 27001 compliance for development-related controls through training, audits, and non-conformity management.
  • Build and improve secure development training materials and deliver regular training to developers.
  • Promote security awareness across the company and contribute technical input to tenders.

Requirements

  • Experience performing offensive security assessments on applications and infrastructure.
  • Ability to exploit and fix a wide range of web vulnerabilities beyond the OWASP Top 10.
  • Experience with at least one programming language such as Ruby, Python, or JavaScript.
  • Experience with cloud infrastructure security.
  • Ability to explain technical security topics to non-technical audiences.
  • Fluency in French and/or English, both spoken and written.
  • Humble, proactive, organized, and able to work well in a remote, collaborative environment.
  • Quick learner who is comfortable working across application security, cloud security, training, and ISO 27001 topics.
  • English level is assessed and appreciated according to the department.
  • Experience with Ruby on Rails, ReactJS, AWS, and Kubernetes is relevant to the role.

Benefits

  • 25 paid vacation days.
  • Competitive compensation package.
  • Company shares/equity.
  • Home office budget plus a monthly coworking allowance.
  • Access to Gymlib with 8,000 fitness spaces and 300+ wellness activities across Europe.
  • Access to Busuu for English or French language learning.
  • Latest Apple equipment.
  • Remote work from your country of residence in Europe, within a maximum two-hour time difference from CET.
  • For France-based employees: French contract, 6 to 12 RTT, 5 weeks of PTO, Swile lunch credits, and Alan Blue healthcare coverage.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Nebius

Application Security Engineer

Nebius 51-250 Internet Software & Services

Nebius is hiring an Application Security Engineer to help secure its AI cloud platform by identifying vulnerabilities, improving secure development practices, and supporting application security across the software lifecycle.

United Kingdom Europe Netherlands Czech Republic Germany Full-time Mid Level Application Security Engineer
$81k-$259k
Burp Suite Cybersecurity Go Java JavaScript Linux OpenID Connect Penetration Testing Python SAML
13 hours, 16 minutes ago
GuidePoint Security

Senior Application Security Engineer - Southeast region (Remote)

GuidePoint Security 251-1K Internet Software & Services

GuidePoint Security is hiring a senior Application Security consultant to help client organizations strengthen and operationalize their AppSec programs through a mix of advisory work, hands-on engineering, and executive-level guidance.

United States Full-time Senior Application Security Engineer
AWS Azure CI/CD DevSecOps GCP Kubernetes Secrets Management
13 hours, 46 minutes ago
Spotify

Security Engineer- Product Security

Spotify Media

Spotify is hiring a Security Engineer for Product Security to secure its platform, infrastructure, and engineering initiatives for hundreds of millions of users across London or Stockholm.

United Kingdom Sweden Full-time Mid Level Application Security Engineer
Agile C++ CI/CD Encryption Generative AI Java Python Scala TypeScript
14 hours, 1 minute ago
MLabs

Product Security Engineer

MLabs 11-50 Internet Software & Services

MLabs is hiring a Product Security Engineer to secure an enterprise-grade open-source proof-of-stake blockchain platform as it scales across protocol upgrades, EVM-compatible services, and cross-chain infrastructure.

Singapore United Kingdom Switzerland Germany Hong Kong Full-time Senior Application Security Engineer
$75k-$85k
Blockchain CI/CD Encryption gRPC Java Rust
14 hours, 16 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers