Senior Application Security Engineer

Payconiq is shaping the future of payment by creating a modular, API-based technology platform that can seamlessly integrate within the European payment ecosystem. Our 130-person team of over 40 different nationalities is rapidly expanding as we set out to become a trusted lead in smart processing and payment solutions across Europe.

Transparency, collaboration, ownership, adaptability to change, and achieving excellence. That's how we roll at Payconiq. We make sure we're ever-evolving: always raising the bar higher than it was yesterday!

To help us achieve our ambitious goals we are now looking for an experienced Senior Application Security Engineer to join our international team of open-minded, ambitious and fun colleagues. Do you like what we do and what we stand for? Do you want to grow with us and add real value? Join us today!

As a Senior Application Security Engineer at Payconiq you will play a key role in ensuring the application development teams continue to adhere to the right secure coding practices and requirements. You will look for security gaps within our software and propose the right security solutions. In addition, you will also look for process improvements to include security aspects and promote security among all development teams.

You will support the security team by analyzing and defining application security policies as well as setting up secure development standards and requirements. You will also perform application threat assessments, source code security reviews and application vulnerability tests. In addition, you will be involved in merge request reviews, architectural design changes and facilitating development teams with CI tooling. 

You will fit right in if you’re always curious to learn and continuously look for ways to further improve our security!

As a Senior Application Security Engineer you’re able to:

• Identify potential threats by performing threat modelling, architectural design reviews, source code reviews, and dynamic application security tests for the web, mobile and infrastructure.
• Coordinate internal and external security assessments and corrections.
• Participate in product features design and development.
• Analyze the current security trends and risks.
• Promote secure coding practices among the application development teams.
• Prepare and conduct security-related workshops.
• Maintain, improve and build new CI scripts and tooling using JavaScript, Bash and a bit of Python.
• Familiar with tools like SonarQube, Veracode, Guard Square, OpenVAS, Accunetix, etc. used in code review & application security
• In-depth understanding of application security vulnerabilities and standards.
• Experience with Agile, DevSecOps and CI/CD.
• Experience with web applications, iOS and Android testing and knowledge of current threats and risks on all platforms.
• In-depth understanding of application security vulnerabilities and standards.

In addition, you’re able to bring the following expertise:

• Bachelor's Degree in Computer Science or software programming background.
• Excellent communication skills and hands-on mentality.
• 5-10 years of professional experience working in information and application security, ideally in an application security engineer or similar role.
• A few years of developer experience working in a software development team.
• Experience with programming, i.e. developing and reviewing, in at least Java and JavaScript (ideally also Python).
• Expert knowledge of cryptography and Key management.
• Define security policies and standards.
• Relevant security qualifications, such OSWE, Certified DevSecOps Professional (CDP), CEH, CKS.

If you like what you’ve read, feel free to apply and get the conversation started.

Not sold just yet? Have a peek at some of our perks

• Salary of EUR 80.000 - 90.000 gross per year including 8% vacation allowance.
• 30 vacation days per year with the possibility to purchase up to 10 extra days
• Commuting allowance covers 0.21€ per km
• Pension plan (in addition to your base salary, no personal contribution, fully paid by employer)
• Collective health insurance with CZ (reduced fees)
• ANW, WIA, collective accident insurance (paid by Payconiq)
• Training Budget: 5% of annual gross salary (in addition to your base salary)
• WFH allowance: EUR 2 per worked day from home
• Internet allowance: 25 euro per month
• Desk & Chair from employer: employee is owner
• Mobile phone policy: bring your own device EUR 500 per 2-year, SIM card from Payconiq
• Structural WFH Policy: hybrid model
• Voluntary work: 3 days per year
• MacBook pro laptop
• LinkedIn Learning
• ASR Vitality program
• Relocation package: Visa sponsorship and digital support throughout the relocation process

How the hiring process will look like:

• 3 interviews with: HR, your team and the Hiring Manager

Do you want to grow with us and add real value? Join us today!