Security Engineer

    Malt Published: June 22, 2022
    Remote, France
    Job Type


    About Malt

    Malt is the fastest-growing European marketplace connecting over 280 000 freelancers with more than 30 000 clients in search of talent to contribute to their projects.

    Our platform provides a simple and secure one-stop shop for all the administrative, legal, and payment processes involved in freelancing.

    Founded in 2013 by serial entrepreneur Vincent Huguet and tech freelancer Hugo Lassiège, our French scale-up aims to revolutionize the world of work by creating a community in which everyone is free to choose the best people to work with.

    We are a tech company with a human approach : - Over 300 Malters sharing one culture- Committed to equality and diversity (50% women / men parity of Malt Leaders)- Offices in France, Spain, Germany, Belgium and Netherlands- 112 M € raised with ISAI, Serena, Eurazeo Growth & Goldman Sachs.

    Twice recognized by LinkedIn as one of the best start-ups to work at Join us and become part of the #NewWorkOrder !

    Our Challenges Business - internationalization, payment, integration with third-party services, automatic moderation, recommendation, etc.

    Technical - scalability, support, security, distributed architecture, search engine, machine learning, etc. Tech Culture at Malt Knowledge sharing is part of our DNA.

    We organize many events : - Malt Academy allows everyone to access quality presentations to learn. As a member of the team, you will be encouraged to actively participate.

    Malt Tech Training Sessions or Malt Tech Days to share knowledge and practices within the team. We regularly participate in technical meetups or conferences.

    You will have the possibility to attend the events that interest you, we take care of everything and we leave you time to prepare for your interventions if you are a speaker.

    • We have Communities of practice (guilds) created to share knowledge on front-end development, security, data or backend architecture- Code retreats once a year in various places (Madrid, Porto, Barcelona, Seville.
    • to stimulate your creativity. Our Technical Stack - Backend development : Java, Kotlin, MongoDB, Elasticsearch, RabbitMQ, PostgreSQL, Spring boot, Redis- Frontend Development : Javascript, Typescript, VueJS, Gulp, Webpack- Ops : Google Cloud Platform, Docker, Kubernetes, Terraform- Data : BigQuery, SQL, Python, Spark, Scala- Mobile : Kotlin, Swift About the role Malt is growing rapidly.

    In order to achieve our ambitious goals, we are offering you the opportunity to join Malt as a Security Engineer. The Security team is part of the product team that is in charge of making the most secured marketplace possible for our freelancers and clients.

    This team also supports all the company to provide the tools needed to make work secure and easy. The security team is extended to face the challenges of threats and changing security landscape The product team is also the meeting of various skills.

    It is composed of about forty people : - Front-end software engineers (Javascript, TypeScript, VueJS, VanillaJS)- Software engineers back (Java, Kotlin)- Product managers- UX designers- Cloud engineers - Data engineers, data scientists & data analystsWe are organized in tribes.

    Each tribe is responsible for a part of the product (user research, design, architecture, support, technical debt, production.

    and imagines the best solutions to reach the product OKRs and thus contribute directly to the company's growth. At Malt, we believe that curiosity is an asset.

    The whole team participates in the product architecture, all decisions are collegial and we regularly engage in discussions on the best way to do things.

    The team also actively participates in writing articles on our blog, .

    As a Security Engineer, your missions will be

    • Design and implement solutions to secure our platform, whether it be in the prevention of cybersecurity risks or in the detection of fraud,
    • Incident response : definition and implementation of the monitoring plan (detection rules and associated dashboard), detection, qualification and remediation of incidents,
    • Data governance : classification, monitoring, access and permission management,
    • Reduction of the attack surface : vulnerability scanning, hardening and best practices,
    • Follow the bug bounty program and external audits,
    • Guide and advise the development teams in the implementation and respect of best practices,
    • Share your knowledge with all the members of the product team and increase your knowledge thanks to an active watch in the field of security and software,
    • Automate as much as possible all his tasks (automatic tests, alerting, code analysis ...),
    • Participate in the animation of the security guild within our company.

    You will integrate the security team within the platform team.

    You will participate in the animation of our security community of practice gathering members of all teams : software, cloud and data engineers experienced and passionate about software security.

    Preferred experience

    • You have at least 2 years of experience in the field of software security within development teams.
    • You know and understand the main Web application security risks (in particular OWASP) and you master the solutions to be implemented to deal with these risks because you have already implemented them previously
    • You are comfortable with modern Web applications (Single page applications, REST, Cloud infrastructure, emails), you have notions of object programming (such as Java), Web programming languages (JavaScript and / or Typescript).

    You know one or more Cloud platforms (preferably GCP) and Kubernetes.

    • You master the security of Web applications (WAF, IDS / IPS, RASP...)
    • You have experience with security event detection tools, SIEM or other (supervision and administration).
    • You have already worked on IAM projects (SSO, provisioning and PAM)
    • You are versatile, autonomous, proactive and demanding, you like to search for security flaws in software.
    • You may have already participated in bug bounty programs yourself!

    We would love to meet you!

    Our Recruitment process

    • Screening with Fatima, our Tech Talent Acquisition Manager, to better understand your background, aspirations and answer your questions (45 minutes)
    • Interview with Arnaud (our Head of Security), to discuss your experience and the role in more detail (60 minutes)
    • Interview with Benoit, our VP Engineering
    • Final interview with a C-Level to discuss Malt’s long term vision

    Proposal within 48h Life at Malt Our goal is to ensure your personal and professional development, which is why we provide several perks to make your life easier.

    The Tech Life at Malt - One week of onboarding - Learn about our culture and product before diving into your new role in your team Work environment - A stimulating work environment that fosters creativity, autonomy and leadership Excellent Hardware (SSD, 32 GB RAM, Multi-core) - you will have the choice between Mac, Ubuntu or Windows.

    We believe that you should not skimp on your workstation, the heart of your productivity. Offices - In Paris and Lyon Full remote - The possibility to work in full remote, but you will always be invited to our team events.

    Events : - Annual off sites : Les Arcs, Amsterdam, Séville, Agadir What’s next ?- All Hands : monthly meeting point to be updated on fresh internal news.

    • Karaoke : Our team has been karaoke fanatics since day one - Malter’s benefits - Lunch vouchers - With the Swile card, you can eat wherever you want for lunch (the team already has a list of its fave restaurants) RTT - Minimum 8 days off in addition to the legal 25 days Free books - For any subject directly or indirectly related to your work, we will order the book for you, without any approval process or headaches


    Drop files here browse files ...

    Related Jobs

    Senior Security Engineer H/F   Paris, France
    June 22, 2022