Application Security Engineer - Remote-First
Role details
Job location
Tech stack
Job description
Application Security Engineer - Remote-First 4 weeks ago Be among the first 25 applicants ? Be part of a movement to change the way Europe pays In today's digital world, payments often still feel outdated: random delays and confusing rules make it harder than it should be to pay and get paid. The European Payments Initiative (EPI) is here to change all that, forever. With Wero, our digital wallet, we make sending and receiving money simple, seamless and secure across France, Belgium and Germany, with more countries and omnichannel solutions coming soon. Supported by 14 major banks and the two largest European acquirers, EPI is building a new, proudly European payment system: easy, instant and transparent, all for the greater good. ? What's in it for you We're hiring an Application Security Engineer to embed security at the heart of our platform. In this role, you'll act as a subject-matter expert, guiding teams to design and build secure, scalable systems from the ground up. You'll, architecture, testing methodologies, and tooling across engineering teams * Harden scalable system architectures by applying DevSecOps practices, secure design principles, and modern authentication/authorization systems * Mentor and support Security Champions to raise security awareness and maturity across teams * Collaborate cross-functionally to deliver scalable, user-centric, and compliant payment solutions for millions of European users * Document and communicate technical architecture, security guidelines, and best practices to ensure shared understanding Kotlin, Ktor, MongoDB, OpenAPI, Docker SAST/DAST/SCA tooling, Kotest ?? ️ To succeed, you should meet at least 70% of these requirements * 5+ years of professional experience in securing highly scalable web applications * Hands-on expertise with security testing practices and tooling (SAST, DAST, SCA) and secure API design * Solid understanding of secure system architecture, OWASP ASVS, and modern
Requirements
authentication/authorization mechanisms * Familiarity with cloud-native environments and infrastructure-as-code (Kubernetes, Terraform) is a plus * Strong communication skills and ability to collaborate across engineering, product, and design teams * Fluent in English (CEFR C1 or C2); French, German or Dutch or any additional European languages is a plus * Experience in the payment or financial services industry is a plus ? If this looks like you, the recruitment steps are: A first call with one of our recruiters A technical interview with one of our Application Security engineers A final interview with the Head of Engineering and CISO Hopefully, an offer you can't refuse You see security only as patching issues rather than shaping design and development You're uncomfortable working in a dynamic environment with evolving priorities You prefer working solo instead of collaborating and sharing expertise with other teams Otherwise apply! ? Our commitment to equal employment opportunities EPI offers the same job opportunities to all, without distinction of gender, ethnicity, religion, sexual orientation, social status, disability or age. EPI promotes the development of an inclusive work environment that mirrors the diversity of the clients our product is serving. #J-18808-Ljbffr
