Application Security Engineer

About

Aircall is on a mission to revolutionize the business phone industry!
We exist to bring empathy into business conversations.

We provide an entirely cloud-based voice platform, that integrates seamlessly with popular productivity and helpdesk tools that workplaces are already using. We have raised more than $100 Million since 2015.

Behind our product are the amazing teams driving it, split between Paris, NY and remote locations.

Job Description

 

We exist to empower every professional to have richer conversations. We provide an entirely cloud-based voice solution, which seamlessly integrates with popular productivity and helpdesk tools. We have raised more than $220 million since 2015, and our base of 8000+ customers (and growing) is at our forefront.

 

Behind our product are the amazing teams driving it, split between Paris, New York, Sydney, Madrid, London, Berlin and remote locations. Despite our distance, we all work together to drive our product!

As an Application Security Engineer, you will be responsible for fostering and maintaining a good security posture on our infrastructure, application and processes to help other teams deliver customer value on top of Voice.

Security testing best practices, evangelization, and mentoring in your team and across the whole of Engineering will be part of your day to day job.

Quality, excellence, and agility drive our delivery processes and you will help us level these up. Using modern tools (Rails, TS, Terraform, ...) on AWS, we build added value and resilient services on top of voice and fully integrate with our customers’ business critical tools (CRM, Helpdesk, E-Commerce, …).

Your mission @Aircall:

  • Driving improvements to Aircall’s security posture through strategic planning and collaboration with both development and infrastructure teams, with trust, autonomy and influence
  • Ensuring the security testing across Engineering to ensure best practices are applied and a security first mindset, continues to be ever present within the organisation
  • Having key security related responsibilities within automated test design, architecture, and end-to-end delivery of key modules
  • Contributing code to our applications and services to address vulnerabilities and evolving our codebases toward secure coding practices
  • Collaborating with Product and Engineering to balance security risk with product advancement
  • Communicating risks to engineering staff and assisting leadership through consulting, training and technical demonstration of vulnerabilities and secure design patterns
  • Sharing knowledge by giving brown bags, tech talks, and evangelizing appropriate tech and engineering best practices
  • Contributing security-focused feedback to engineers during all phases of the development lifecycle
  • Ensuring security bug tracking, bug bounty operation and scanner results triage
  • Being involved in new features development to ensure security breaches are not introduced
  • Being part of an engineering organization delivering high quality, secure, voice solutions to Aircall clients.
  • Contributing to investigations of any actual or potential information security risks or breaches, and develop mitigating plans and coordinate the incident response
  • Staying up to date on current and future security technology and trends and act as a key advisor to align business and security
  • A little bit more about you

  • You have at least 2+ years of experience in Security
  • You have a comprehensive understanding of risk management
  • You have a good understanding of attack patterns to design and develop proper security testing. Being business centric minded is a necessity to pinpoint potential security breaches
  • You understand the secure development process and other best practices and are accustomed to using systems such as Jira, Confluence, BitBucket, GitHub, GitPrime, etc.
  • You have experience in identifying, debugging and solving complex security related production issues
  • You are used to working in Agile teams and look for and implement continuous improvement, but you also appreciate good process and quality assurance in mitigating risk and improving quality and security
  • Experience working with external security testing companies to deliver specific requirements, e.g. penetration testing and certifications
  • You’re familiar with modern web security, and have experience with JS, TS and/or Ruby on Rails
  • A practical understanding of data privacy / GDPR
  • We know that success comes from smart work and deserves to be recognized and rewarded

    We value people who are bold, ambitious, collaborative and customer-centric. We’re a global community growing together.

    If you love a good challenge, enjoy solving meaningful problems, and want to be a part of one of the fastest-growing B2B startups, then Aircall is the company you are looking for!

    Aircall offers a unique work environment and the chance to collaborate with diverse teammates across continents. We'll provide freedom and tools to allow you to thrive at your best, and foster an environment you can do it in.

    Why join us?

    🚀 Key moment to join Aircall in term of growth and opportunities

    💆‍♀️ Our people matter, work-life balance is important at Aircall

    📚 Fast-learning environment, entrepreneurial and strong team spirit

    🌍 35+ Nationalities: cosmopolite & multi-cultural mindset

    💶 Competitive salary package & benefits (health coverage, lunch, commute, sports)

    DE&I Statement: 

    At Aircall, we believe diversity, equity and inclusion, irrespective of origins, identity, background and orientations, are core to our Aircall journey. 

    We promote active inclusion to foster a strong sense of belonging which is one of our main strengths as a business. We strive to assemble diverse people that can enrich and learn from each other. We pledge to make sure everyone not only has a seat at the table but is valued at the table -- providing equal opportunities to develop and thrive.

    We will constantly challenge ourselves to make sure that we live up to our ambitions around diversity, equity and inclusion, and keep this conversation open because we realize that we have work to do and much to learn.

    Additional Information

    • Contract Type: Full-Time
    • Location: Paris, France (75009)
    • Experience: > 2 years
    • Possible full remote