Our mission? Creating the freedom for SMEs to succeed in business and beyond, by delivering Europe’s leading finance workspace. We combine business-class tools (seamless invoicing, spend management, and pre-accounting) with unwaveringly attentive 24/7 support, designed to help businesses breeze through all things finance.

Our journey: Founded by Alexandre and Steve in July 2017, Qonto has rapidly gained trust, serving over 600,000 customers. Thanks to our wonderful team of 1,600+ Qontoers, we also made it to the LinkedIn Top Companies French ranking!

Our values:

Customer focus | Prioritize customers in everything you do

Ownership | Own your part, get things done

Teamwork | Make (team)work easy

Mastery | Continuously raise the bar

Integrity | Always do what’s right, and respect people

Our beliefs: At Qonto, we're committed to fostering a welcoming environment where everyone can thrive. We prioritize evaluating applicants based solely on skills and potential, ensuring diversity with 55% international team members, 44% women, and 20% parents. Join us in building a workplace that celebrates diversity and individuality.

Discover the steps we took to create a discrimination-free hiring process.

⭐ Mission: Join us as a Security Engineer to protect our company and our clients while adopting a pragmatic approach to security that enables us to scale the business safely and rapidly as we start the journey to become a Credit Institution!

⚡ Impact: As a Security Engineer, you will work on keeping Qonto’s systems and applications bulletproof. You will audit our applications, find creative ways to abuse and secure our infrastructure, and work on exciting security features to protect our growing user base.

You will join our security team led by Ayoub, our Security Director. You will report directly to Pierre, our Security Team Lead, and join a team composed of 8 Security Engineers.

👩‍💻🧑‍💻As a Security Engineer at Qonto, you will

- Apply your strong security expertise to secure our exciting tech stack: AWS, Kubernetes, Kafka, MacOS, Golang, and so on…

-Leverage your threat modeling knowledge to shape the roadmap of the team and prioritize the most impactful projects.

-Develop and implement internal tools to find security vulnerabilities, mitigate them, and detect suspicious behavior.

-Work with product and developers during system, code, and design reviews to ensure that Qonto's applications are built according to top security standards.

-Share your knowledge with the team through everyday feedback and internal training.

-Investigate security incidents and perform forensics analysis.

-Enrich your security expertise and contribute to making Qonto an increasingly reputable company in the InfoSec domain.

🧠 What you can expect

-Spend time designing robust and scalable solutions. The security team at Qonto “does tech”: they build the systems on AWS, pair with developers on Go apps, and work closely with the infrastructure team on Kubernetes,

-Collaborate with other teams from Developers to Ops engineers: be a part of a team that doesn’t just “create tickets” but directly contributes to improving the system.

-Contribute with autonomy in the security of the system: identify vulnerabilities, perform PoC, build mitigation, and detection rules.

-Grow your career: the team is relatively small and in construction, so there are a lot of opportunities and things to do!

🤝 Your future manager

Your future manager will be Pierre, who is in charge of the Security team

His Background? He started his career performing internal pentests for banks or European institutions. He switched to the Blue side by joining Qonto as the first security engineer and laid the foundations for many security systems like our monitoring and detection system or the web application firewall.

What does he bring to the team? Together with the team, they approach security issues from first principles, break down the threat model, and find innovative ways of solving hard security problems without compromising the flexibility and productivity of employees and customers.

🏅About You

Experience: You are familiar with common attack scenarios, either through your experience as a pentester or auditor or as part of a blue team working in a Cloud-based environment.

Mastery:

-Cloud experience (AWS, GCP, or similar cloud provider) - MANDATORY: You must have hands-on experience working with cloud infrastructure

-Programming skills - MANDATORY: You are able to code and build solutions (Python expected, Golang is a plus, or any language demonstrating strong development capabilities)

-You have a strong knowledge of how web applications and internet work and of secure coding best practices and OWASP

-You are able to recognize application and system vulnerabilities and exploit them.

-You know how to safely orchestrate deployments on CI/CD pipelines (handling secrets, avoiding cache poisoning, isolating jobs, etc.).

-You know how to investigate security incidents using forensics tools.

Mindset :

Problem-solving: You are pragmatic and solution-oriented.

Continuous improvement: You can and are willing to learn about technologies you may not yet master (Kafka, Swift on iOS, Golang, etc.)

Curiosity: You are curious, open-minded, and passionate about information security. You are reasonably up to date about current threats and actively exploited systems, plus you are ready to learn about new technologies and new tools.

Teamwork: You have good communication skills and know-how to work with a team.

Languages: You are fluent in English.

At Qonto we understand that true diversity isn't just about ticking boxes on a hiring checklist. Apply regardless of the boxes you tick! Who knows? You may have the missing piece of the puzzle we've been searching for all along

About Qonto

Key Highlights

🎁 Benefits

🌟 Culture

Senior Security Engineer

Job Description

Interested in this role?