Application Security Engineer

  • Full-time
  • Department: Product & Engineering

Company Description

Have you ever worked for a company that actually wanted you to bring your whole self to work every single day?

About Tradeshift
Tradeshift is a unicorn in the fintech industry. We are disrupting a typically stagnant environment by connecting companies of all sizes and providing them with the platform and network needed to create value from old processes like procurement, invoicing, payments, and workflow. We recognize that business is both messy and social - two revelations that have driven the development of Tradeshift, a platform for all your business interactions.

Team 
Our team believes in an integrated approach to application security, and that prevention is better than a cure. We also believe that communication skills and the ability to help others can amplify the impact of an engineer 10x.  We take security very seriously and work very hard to include it throughout our software lifecycle from the design process all the way through how we operate the platform.

Job Description

Role

We are looking for a FUN and energetic Application Security Engineer to help us secure Tradeshift's platform. Your job will be to work with more than 300 engineers to help them write secure code, manage and resolve vulnerabilities, automate security and train our developers. Our ideal candidate is someone that knows software development and understands developers' needs to be able to keep the right balance between security and developer freedom / productivity. Last, but certainly not least, we need someone who can help us promote that security is FUN, helping us make our team most likeable (we're very close!).

What a day is like:

  • Perform security related design and code reviews for the platform 
  • Automate and improve the ability of other engineers to develop and maintain secure code
  • Find and remediate security flaws across the software stack
  • Work on our bug bounty programme to assess and manage reported vulnerabilities
  • Consult across teams on secure architecture design and implementations    Propose, evaluate and build innovative new security features to benefit our users and engineers
  • Assist with security incident response as needed
  • Participate in regular red team exercises to keep the team on their toes
  • Keeping our work environment lighthearted and spreading security knowledge to the company in a FUN way

Qualifications

You’re perfect for this role if:
We are looking for a candidate with the right combination of application security knowledge, software development experience and personality. Security-wise, you should have a good overview of the most common web app vulnerabilities and how to mitigate them. When it comes to software development, you'll ideally have worked on larger software projects in the past and have the skills to be able to read, understand and even write code to make sure that you'll get along nicely with our developers. Lastly, we're looking for a cheerful, communicative and feedback-oriented person who can help us actively promote security within Tradeshift. 

You also have: 

  • Software development experience so you can dive into Tradeshift's codebase and fix vulnerabilities if needed
  • Implementation-level knowledge of web app security (think SQLi, XSS, CSRF, password management, cookies, etc.)
  • Passionate about both giving and receiving feedback
  • Able to understand requirements that contradict security (e.g. deadlines) and able to make the best of the situation
  • Knowledge of cryptography, Linux system administration, AWS or Kubernetes is a plus!

Additional Information

Location
Our office in Copenhagen has a palpable excitement that stems from the constant change that keeps everyone on their toes. Each employee has a voice, and their hard work pays off. No good work goes unnoticed. 

Culture 
Our culture began day one when three Danes poured their brains, heart, and guts into creating a platform that could connect every business in the world. We expect each employee to approach their work with the same amount of pride and passion. One day you might find us having a ping pong match in the middle of the work day, and then you’ll find us handing off projects to colleagues in different time zones so we can continue progress around the clock. 

TradeShifters come from various backgrounds and nations, and we all thrive off challenging the status quo. We take pride in nurturing employee happiness, encouraging personal development, and welcoming teammates from all walks of life.

We value diversity and we do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Why you might like working here:

  • You love autonomy and the freedom to get your work done how you want 
  • You like sharing your opinions and feeling like they matter
  • You want to work for a company that requires you to bring your whole self to work every day: brains, heart, and guts.
  • Ambitious international startup
  • Career and professional development opportunities
  • Large office that provides caters to many different work-environment preferences  
  • Flexible work hours
  • Mobile phone plan and at home internet
  • Lunch and snacks daily with drinks
  • A competitive compensation package and equity
  • In-house activities like yoga
  • Opportunity to join many fun, varied company events like happy hours, hackathons, family holiday parties, and many more.
Privacy Policy