Application Security Engineer (Full Remote Policy)

Sofia, Bulgaria /
Technical – Security /
Sendinblue is the European leader in digital marketing software. We are a complete Sales & Marketing toolbox: email, SMS, Facebook ads, chat, CRM, and more in one single SaaS platform. Our mission is to empower all companies with the tools they need to build stronger customer relationships and grow their business through meaningful interactions.

We have a team of more than 600 employees representing over 67 nationalities spread across seven offices located in Paris, Berlin, Sofia, Noida, Bengaluru, Seattle and Toronto.

As a fast-growing company, Sendinblue is in the process of growing the infrastructure team. As a member of this team, you will be working closely with our CISO and our IT Manager. We work with cutting edge technologies and always encourage our team to explore what's new on the market.


    • Develop, design and document application-level security controls and standards with cloud native approach
    • Own application security design check against existing services and new services
    • Be an application security evangelist with engineering teams to train them on this approach
    • Track and prioritize all application security issues
    • Build security tools to identify and fix security problems at scale
    • Perform code review as pair programming
    • Automation on security testing at scale to identify vulnerabilities and set a risk indicator


    • At least 4+ years experience working with strong software engineering foundations
    • Minimum 2 years with experience in one of those technical skills : secure coding, identity management and authentication, software development, cryptography, threat modeling
    • Ideally you have experience with OWASP ASVS
    • Working knowledge on exploiting and fixing application vulnerabilities
    • Experience software development lifecycle in at least 2 languages (Go, PHP, JS, ..)
    • Best practices and standards in OWASP, NIST and CIS
    • Knowledge of common web application vulnerabilities (i.e. OWASP Top 10)
    • Good understanding of CI/CD mixed with security tools (code coverage, code quality, ..)
    • Highly positive attitude and ability to build conducive working relationships with colleagues from all levels
    • Excellent English and strong experience in a multicultural environment - another language will be appreciated such as Hindi, German or French
    • Experience in SaaS is a plus


    • A unique opportunity to join an international and collaborative startup environment in a hyper-growth context
    • The chance to grow your professional and technical skills, with real room for career progression
    • SIBOP: all Sendinblue employees are granted with our shared ownership plan - the more Sendinblue will be valuated, the more you will get
    • A modern office in a central location in South Sofia with fun activities
    • An umbrella of paid leaves and public holidays (25 days of paid leave per year)
    • Flexible remote policy
    • Additional medical insurance
    • Multisport sports card
    • Budget to support your workspace at home
    • Bi-annual global company offsite; inter-office trips (when the current sanitary situation permits)
    • Virtual Festival & Birthday celebration, Team parties, & team-building outings (including bi-weekly lunch outside of the office)

Meet us !

    • Video interview with our HR Team 
    • A first interview with our one member of our Security Team
    • A last interview with our CISO
Sendinblue puts diversity and inclusion at the heart of its values. We examine all applications with treatment based on equal skills and applying the principles of non-discrimination.

Sendinblue values work-life balance and offers full remote work. This policy is based on a mutual understanding between Managers and Team Members.