Application Security Engineer
Aircall is on a mission to revolutionize the business phone industry!
We are an advanced, cloud-based business phone system and call center software — all wrapped up in one single tool (no hardware, 100% integrated).
But behind our product are the people driving it. Ambition, Community, Teamwork and Transparency – these are the values we live by at Aircall. We know that success comes from smart work and deserves to be recognized and rewarded.
If you love a good challenge, enjoy solving meaningful problems, and want to be a part of one of the fastest growing B2B startups — then Aircall is the company you are looking for!
As an Application Security Engineer, you will be responsible for testing security standards on our infrastructure, application and processes used within the design, development, deployment, and operation of business-critical features that add customer value on top of Voice. Security testing best practices, evangelization, and mentoring in your team and across the whole of Engineering will be part of your day to day job.
Quality, excellence, and agility drive our delivery processes and you will help us level these up. Using a variety of back-end stacks, appropriate for each requirement, but always hosted on AWS, we build added value and resilient services on top of voice and fully integrate with our customers’ business critical tools (CRM, Helpdesk, E-Commerce, …).
Your mission @Aircall:
- Ensure the security testing across Engineering to ensure best practices are applied and a security first mindset, continues to be ever present within the organisation, against a continually evolving landscape
- Have key security related responsibilities within automated test design, architecture, and end-to-end delivery of key modules
- Design, develop and execute the ongoing security testing, be it manual or automated, e.g. penetration testing, ethical hacking etc. and its automation, against both the designed infrastructure and developed applications.
- Provide test results and draft reports
- Ensure security bug tracking
- Be involved in new features development to ensure security breaches are not introduced
- Be involved in product and platform performance testing and live site testing for threat detection and mitigation purposes
- Be part of an engineering organization delivering high quality, secure, voice solutions to Aircall clients.
- Contribute to investigations of any actual or potential information security risks or breaches, and develop mitigating plans and coordinate the incident response
- Stay up to date on current and future security technology and trends and act as a key advisor to align business and security
A little more about you:
- You have at least 5+ years of experience in automation, security tools and framework
- You have a comprehensive understanding of threats and their mitigations and can foresee automation required
- You have a good understanding of attack patterns to design and develop proper security testing. Being business centric minded is a necessity to pin point potential security breaches
- You understand the secure development process and other best practices and are accustomed to using systems such as Jira, Confluence, BitBucket, GitHub, GitPrime, etc.
- You have experience in identifying, debugging and solving complex security related production issues
- You are used to working in Agile teams and look for and implement continuous improvement, but you also appreciate good process and quality assurance in mitigating risk and improving quality and security
- Experience working with external security testing companies to deliver specific requirements, e.g. penetration testing and certification
- You know of the top 10 OWASP
- A practical understanding of data privacy / GDPR
Why join us?
🚀 Key moment to join Aircall in term of growth and opportunities
💆♀️ Our people matter, work-life balance is important at Aircall
📚 Fast-learning environment, entrepreneurial and strong team spirit
🌍 30+ Nationalities: cosmopolite & multi-cultural mindset
🌞 Sunny offices in the center of Paris with incredible perks and regular team parties
💶 Competitive salary package & benefits (health coverage, lunch, commute, sports)
Aircall is committed to building a diverse, equitable and inclusive workforce. We are an equal opportunity employer and welcome qualified applicants, regardless of gender identity or expression, sexual orientation, race, religion, age, national origin, citizenship, pregnancy status, veteran status, or any other differences. If you have a disability or special need that requires accommodation, please let us know. Members of communities historically underrepresented in tech are encouraged to apply.