We are looking for a detail-oriented, self-motivated, and highly communicative Software Security Analyst. You will play a key role in advancing software and system security at SumUp by collaborating with our engineering and product teams and strengthening the security mindset and culture. In this role you will work in an international team ensuring that SumUp’s services are secure from external abuse and our users’ data is appropriately protected. You will integrate and maintain processes and tools to identify security vulnerabilities and will provide security guidance to our E&P teams.
We work on a number of different domains that span technologies, systems, and processes. A few of the technologies we are leveraging on SumUp platform include Ruby, Java, Node, Erlang, Go, Kafka, Kubernetes, and Docker.
WHAT YOU’LL BE DOING
- Educate, train and collaborate with our Engineering & Product teams
- Conduct security reviews of software and architecture, be the point of contact for software security-related concerns, assist engineers with solutions and provide understanding
- Integrate and maintain automated security testing tools in the SDLC (e.g. threat modelling, SAST, DAST, fuzzing, etc.)
- Ensure and manage continuous security assessments like penetration testing, vulnerability scanning, bug bounty
- Establish and maintain a vulnerability management program that covers all pieces of software, including third-party dependencies, frameworks, etc.
YOU'LL BE A GREAT FIT FOR THIS POSITION IF
- You have solid experience working as a software security engineer/analyst
- Deep and broad understanding of security vulnerabilities, attacks, and techniques to identify and mitigate them
- Detailed understanding of authentication protocols, encryption, operating systems, containers, and network protocols
- Having strong penetration testing skills will be considered a plus
- Experience with modern development practices (CI/CD), microservices architecture and Restful APIs
- Experienced in software development (any language)
- You are self-motivated, proactive and a good communicator
- You are fluent in English - you'll be part of a truly global company!
WHY YOU SHOULD JOIN SUMUP
- You'll have the opportunity to make an impact as we work in flat hierarchies
- You'll have the space to drive your career here and take ownership of projects
- You’ll have the chance to work on a diverse and international team
- You'll be able to attend global offsites/hackathons/team events
- You'll have competitive compensation and education budget.
- Office relaxation activities such as yoga and massages
- 23 days paid vacation + 1 accumulative day for each year of employment at SumUp
- Additional health insurance
We believe in the everyday hero.
Small business owners are at the heart of all we do, so we're creating tools that help them run their business. With a founders mentality and a 'team-first attitude' our diverse teams across Europe, South America, and the United States work together to ensure that the small business owners we partner with can be successful in doing what they love.
SumUp is an Equal Employment Opportunity employer that proudly pursues and hires a diverse workforce. SumUp does not make hiring or employment decisions on the basis of race, color, religion or religious belief, ethnic or national origin, nationality, sex, gender, gender identity, sexual orientation, disability, age or any other basis protected by applicable laws or prohibited by Company policy. SumUp also strives for a healthy and safe workplace and strictly prohibits harassment of any kind.