Technical Security Expert

Requirements

• Extensive technical experience in information security (typically 8+ years), with hands-on expertise in at least two of the following: code auditing (TypeScript/Node.js/Python), infrastructure security (AWS/Linux/Terraform), penetration testing, or SIEM management
• Deep understanding of secure development practices and modern web architectures (microservices, cloud/Paa

  S/Saa

  S)
• Strong scripting ability (Python, Bash, etc.)
• Experience with ElasticSearch in production environments
• Excellent communication and collaboration skills; ability to explain complex security concepts to diverse audiences
• Fluent English
• (Desirable) Experience with reverse engineering and analysis of minified/obfuscated code
• (Desirable) Knowledge of security standards (ISO 27001, OWASP, etc.)
• (Desirable) Experience with GCP, Datadog, or Snowflake
• French language skills

What the job involves

• As a Technical Security Expert, you’ll have a direct impact on the security posture of one of Europe’s fastest-growing fintechs
• You’ll work hand-in-hand with product and engineering teams to embed security into everything we build
• You’ll combine hands-on technical work with knowledge sharing, helping us stay ahead of threats in a constantly evolving landscape
• Champion security-by-design: Advise and collaborate with development and infrastructure teams to embed security best practices from the start of every project
• Lead technical security reviews
• Conduct in-depth code reviews (TypeScript, Node.js, Python) to uncover and remediate vulnerabilities
• Analyze third-party libraries and dependencies, including reverse engineering when needed
• Review Infrastructure-as-Code (Terraform) and multi-tenant AWS setups
• Drive security audits and testing
• Plan and execute penetration tests and intrusion campaigns on systems, applications, and internal tools (CI/CD, authentication, etc.)
• Propose actionable remediation strategies to strengthen our defenses
• Own security monitoring
• Oversee and maintain our SIEM (ElasticSearch, multi-node Linux)
• Develop automation tools and scripts for proactive threat detection and incident response
• Shape security culture: Help update policies and procedures, and raise awareness across teams through coaching, workshops, and communication
• Stay ahead of threats: Monitor emerging vulnerabilities and attack techniques, and recommend adaptive defense strategies