Senior Security Engineer

Paris
Engineering – Security /
FR Executive/Cadre /
Remote
Discover our galaxy 🪐

Malt was founded in 2013 and, since then, we managed to become the fastest growing freelance marketplace gathering a community of 550k+ freelancers, 70k+ companies, and 700+ Malters.

We’ve built the industry’s leading freelance management solutions—all on a powerful, data driven—to match companies with the right freelance talent.
But we’re more than just a connector. Our marketplace streamlines freelancer-client communications, simplifies administrative and legal tasks, expedites invoicing and payments, and so much more.  

Today, our company is growing fast! We need people like you to help us write this next chapter.

We are a tech company with a human approach 👽

- Strong company culture fuelled by 700+ Malters from 40 nationalities
- Multiple offices per country (France, Germany, Spain, Belgium, United Kingdom, the Netherlands and the Middle East)
- Committed to equality and diversity (50% of people managers are women)
- Strong career path policies allowing all Malters to develop and grow equally
- Backed by renowned investors including ISAI, Eurazeo Growth, Goldman Sachs and BPI France

Explore your future career  🔭

Malt is growing rapidly. In order to achieve our ambitious goals, we are offering you the opportunity to join Malt as a Security Engineer.

The Security squad plays a crucial role within the product team dedicated to ensuring the security of our freelancers and clients. Additionally, the squad collaborates with IT at the company level to ensure to provide all departments with the necessary tools for secure and efficient work. Considering the evolving security landscape and potential threats, the squad extends to face these challenges.

Key responsibilities ✨

    • Engage in incident response activities, which involve identifying incidents through a monitoring plan (including rule detection and associated dashboards), assessing their existence and their severity, and finally efficiently resolving them.
    • Reinforce data governance good practices encompassing classification, continuous monitoring, and access and permissions management.
    • Enhance platform security by designing and implementing solutions to proactively mitigate cybersecurity risks and detect any unfair usage of the platform.
    • Minimize the attack surface through vulnerability scanning, hardening measures, and compliance best practices.
    • Organize external audits and bug bounty programs, and ensure effective resolution of the security vulnerabilities identified.
    • Support, advise and make autonomous the engineering teams in the implementation of security best practices.
    • Automate as much as possible all the security squad tasks (automatic tests, monitoring, alerting, code analysis, etc.)

    • You will also participate in improving the security excellence of the development team, spread the security best practices at Malt, participate in our communities of practices (SRE, security, back-end, and front-end in particular), and increase your knowledge thanks to an active watch in the field of security and software.

      You will integrate the security squad within the platform team. You will participate in the animation of our security community of practice gathering members of all squads: software, cloud, and data engineers experienced and passionate about software security.

      At Malt, we believe that curiosity is an asset. The whole squad participates in the product architecture, all decisions are collegial, and we regularly engage in discussions on the best way to do things.  

Our Tech Stack

    • Frontend: TypeScript, Vue.js, Nuxt, Internal Design System, Stencil.js
    • Backend: Kotlin, Java Spring Boot, Gradle, PostgreSQL, MongoDB, Elasticsearch, RabbitMQ, Redis
    • Platform: Google Cloud Platform, Kubernetes, Terraform, ArgoCD, Gitlab CI 
    • Mobile: Swift, KotlinData: Big Query, Looker, Spark, Python
    • We practice continuous integration and delivery, we update Malt around 70 times per week in production. We intensively use Datadog for production monitoring and alerting.

About you 🧑‍🚀

    • Minimum 4 years of experience in software security in an engineering team
    • Strong understanding of web application security risks, particularly OWASP, and successfully implement solutions to address these risks in previous roles.
    • Comfortable with modern web applications (Single page applications, REST, Cloud infrastructure, emails) and have some notions of Object-Oriented programming (such as Java or Python), Web programming languages (JavaScript and/or Typescript).
    • Proficient in at least one Cloud platform, preferably GCP, and have experience with Kubernetes.
    • Master the security of web applications, including familiarity with technologies like WAF, IDS/IPS, RASP, etc.
    • Practical experience with at least one security events detection tool (SIEM or similar). 
    • Already worked on an IAM project (SSO, provisioning, and PAM).

    • You are versatile, autonomous, proactive, and demanding, you like to search for security flaws in software. You may have already participated in bug bounty programs yourself!

      We would love to meet you!

How to join the mission? 🚀

    • Screening with Alex, our Tech Talent Acquisition Manager, to better understand your background, aspirations and answer your questions (45 minutes)
    • Interview with Romain, our Engineering Manager, to discuss your experience and the role in more detail (60 minutes)
    • Technical Interview with the Security squad (90 minutes)
    • Final interview with a C-Level to discuss Malt’s long term vision


Malt is the perfect space to thrive personally and professionally 💫

- Onboarding: Before easing into your new role, you’ll spend your first week learning about our culture, products, and services with other onboardees at our office in Paris
- Equity: Every Malter is entitled to stock options 
- Lunch vouchers: €9/day on your Swile card.
- Transportation: 50% reimbursement (any type of transport)
- RTT: From 8 to 12 days off
- Malt sabbatical: After three years, every Malter is entitled to a one month paid sabbatical leave.
- Free books: If you’re interested in learning more about any topic relevant to Malt’s business, just tell us the books you’d like to read, and we’ll order them for you—without any questions asked or approval processes to follow.
- Remote work: full remote, with a possibility to work from any of our offices
- Annual team building events

Ready? Get your ticket to Malt 🪐