Corporate Auditor managing audits on application security and IT processes in a hybrid work environment. Coordinating with functional owners for implementation of recommendations.
About the role
- Security Engineer working with engineering teams to build secure products at Aircall. Focused on risk identification and management throughout the software development lifecycle.
Responsibilities
- Partner with engineering teams to review designs and implementation plans, identifying security risks early and recommending mitigations.
- Perform threat modeling for new features and major changes, helping teams document risks, assumptions, and security controls.
- Identify and help remediate common vulnerability classes across services and APIs (e.g., auth/authz, injection, data exposure, logic flaws).
- Triage and support remediation of vulnerabilities identified through SAST/DAST tools, internal testing, or third-party findings.
- Conduct security testing and validation, including targeted manual testing for high-risk areas.
- Help improve secure development practices by creating reusable guidance, checklists, and secure patterns for engineering teams.
- Contribute to security tooling and automation that improves coverage, reduces false positives, and streamlines security reviews.
- Assist with product security incidents by supporting investigation, impact analysis, and follow-up remediation.
- Communicate security risks clearly and pragmatically, helping teams prioritize effectively and ship safely.
- Document learnings and contribute to evolving product security processes and standards.
Requirements
- 2–5 years of experience in Product Security, Application Security, or software engineering with a strong security focus.
- Strong understanding of web application and API security fundamentals and common vulnerability classes (OWASP Top 10).
- Experience performing security reviews, threat modeling, or secure architecture assessments for software systems.
- Familiarity with security testing tools and practices (SAST/DAST, dependency scanning, fuzzing, manual testing).
- Comfort reading and reviewing production code in at least one language (e.g., Python, Go, Java, JavaScript/TypeScript).
- Exposure to automated or AI-assisted security tools or workflows, and interest in applying them to improve developer experience and security outcomes.
- Ability to work cross-functionally with engineering teams and communicate findings in a constructive, actionable way.
- Proven ability to drive remediation efforts and follow through on risk reduction outcomes.
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Cloud IT Security Architect role at hubside enhancing information security in cloud environments. Engaging in IT projects with a focus on IT - Security strategies and operational security measures.
Senior Associate focusing on cybersecurity operations and threat detection at PwC. Mentoring junior team members and cultivating client relationships while navigating complex cybersecurity challenges.
SVP Chief Information Security Officer at Peoples Bank managing information security and compliance efforts. Leading teams and establishing security programs across the organization.
Security Officer providing security programs at various locations including corporate and educational institutions. Ensuring safety compliance and conducting regular checks and patrols to maintain security.
Stage en sécurité, réalisant des tournées sécurité et suivi d'incidents sur un site industriel. Accompagnement aux missions de sécurité et suivi documentaire.
Lead Security Software Developer at Vidoori focusing on securing critical application development and team leadership. Drive secure coding practices within a collaborative and innovative environment.
DM
CISO managing corporate - wide information security strategy for Duisburger Versorgungs - und Verkehrsgesellschaft mbH. Overseeing risk management and compliance with legal standards in information security.
Security Specialist focusing on creating and enforcing security policies for EDGE Group in Abu Dhabi. Conducting security assessments and overseeing the security team's daily operations.
Personal Security Advisor responsible for securing the CEO and other Senior Officers at PG&E. Conducting threat assessments, providing protection, and coordinating travel security.