Application Security Engineer

  • Full-time
  • Department: Product & Engineering

Company Description

Have you ever worked for a company that actually wanted you to bring your whole self to work every single day?

About Tradeshift
Tradeshift is a unicorn in the fintech industry. We are disrupting a typically stagnant environment by connecting companies of all sizes and providing them with the platform and network needed to create value from old processes like procurement, invoicing, payments, and workflow. We recognize that business is both messy and social - two revelations that have driven the development of Tradeshift, a platform for all your business interactions.

Team 
Our team believes in an integrated approach to application security, and that prevention is better than a cure. We also believe that communication skills and the ability to help others can amplify the impact of an engineer 10x.  We take security very seriously and work very hard to include it throughout our software lifecycle from the design process all the way through how we operate the platform.

Job Description

Role
You are a security evangelist across all of Tradeshift, training other developers to help them build more secure products. You'll consult with teams on secure architecture design, and put our security measures to the test to ensure we are performing best practices in the best interest of our Shifters and clients. 

You will support developers, operations, IT and the overall company security posture. You and your team are responsible for maintaining our compliance program where we have achieved SOC 1 Type II, SOC 2 Type II, ISAE 3402 Type II, ISO 27001 and PCI Level 1 compliance.

What a day is like:

  • Perform security related design and implementation reviews for the platform
  • Automate to improve the abilities of other engineers to develop and maintain secure code
  • Find and remediate security flaws across the software stack
  • Coordinate with researchers on our bug bounty program to close exposed vulnerabilities
  • Consult across teams on secure architecture design and implementations
  • Propose, evaluate and build innovative new security features to benefit our users
  • Assist with security incident response as needed
  • Work with external pen testers to continually improve security on the platform

Qualifications

You’re perfect for this role if:
You are collaborative, and use constructive feedback as a tool to continuously improve our development. You are personable and understanding. You and communicate and resolve security flaws and errors with empathy. 

You also have:

  • Expertise in conducting design reviews and remediating security issues in existing codeSolid foundation in web application security including Node.Js applications
  • Experience with penetration testing against applications
  • Deep proficiency in Java development, Groovy and Grails a plus
  • Experience working with sensitive data like credit cards and other PII
  • Proficiency in implementing sandboxing solutions
  • BS in Computer Science or a related technical field / equivalent experience
  • 4+ years of industry experience engineering web facing systems

Additional Information

Location
Our Bucharest office is full of “rebels” - people who like to challenge the status quo. We’re a fun group always looking for ways to make an impact and we enjoy the freedom and autonomy we are allowed in our jobs. 

Culture 
Our culture began day one when three Danes poured their brains, heart, and guts into creating a platform that could connect every business in the world. We expect each employee to approach their work with the same amount of pride and passion. One day you might find us having a ping pong match in the middle of the work day, and then you’ll find us handing off projects to colleagues in different time zones so we can continue progress around the clock. 

TradeShifters come from various backgrounds and nations, and we all thrive off challenging the status quo. We take pride in nurturing employee happiness, encouraging personal development, and welcoming teammates from all walks of life.

We value diversity and we do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Why you might like working here:

  • You love autonomy and the freedom to get your work done how you want 
  • You like sharing your opinions and feeling like they matter
  • You want to work for a company that requires you to bring your whole self to work every day: brains, heart, and guts.
  • Ambitious international startup, and agile environment in Bucharest, Romania
  • Competitive compensation package
  • Career and professional development opportunities (workshops, trainings etc.)
  • Trips to design-camps for working with and learning from professionals in other countries
  • Flexible work hours
  • Company laptop provided
  • Medical Subscription
  • Meal tickets of 15 lei value for each working day
  • Free drinks & snacks daily, fresh fruits every Monday and Wednesday
  • Safe outdoor bike parking spot
  • Access to Bookster
  • Friendly and relaxed working atmosphere
  • Relaxing spots, games - ping pong, board games
  • Fun team-bonding events such as Team Camps, Hack-a-thons, Game & Field Days,
  • Welcome Breakfast, Happy Hours, Birthdays Celebrations and more!
Privacy Policy