We are looking for a detail-oriented, self-motivated, and highly communicative Software Security Analyst. You will play a key role in advancing software and system security at SumUp by collaborating with our engineering and product teams and strengthening the security mindset and culture. In this role you will work in an international team ensuring that SumUp’s services are secure from external abuse and our users’ data is appropriately protected. You will integrate and maintain processes and tools to identify security vulnerabilities and will provide security guidance to our E&P teams.
We work on a number of different domains that span technologies, systems, and processes. A few of the technologies we are leveraging on SumUp platform include Ruby, Java, Node, Erlang, Go, Kafka, Kubernetes, and Docker.
WHAT YOU’LL BE DOING
Educate, train and collaborate with our Engineering & Product teams
Conduct security reviews of software and architecture, be the point of contact for software security-related concerns, assist engineers with solutions and provide understanding
Integrate and maintain automated security testing tools in the SDLC (e.g. threat modelling, SAST, DAST, fuzzing, etc.)
Ensure and manage continuous security assessments like penetration testing, vulnerability scanning, bug bounty
Establish and maintain a vulnerability management program that covers all pieces of software, including third-party dependencies, frameworks, etc.
YOU'LL BE A GREAT FIT FOR THIS POSITION IF
You have solid experience working as a software security engineer/analyst
Deep and broad understanding of security vulnerabilities, attacks, and techniques to identify and mitigate them
Detailed understanding of authentication protocols, encryption, operating systems, containers, and network protocols
Having strong penetration testing skills will be considered a plus
Experience with modern development practices (CI/CD), microservices architecture and Restful APIs
Experienced in software development (any language)
You are self-motivated, proactive and a good communicator
You are fluent in English - you'll be part of a truly global company!
WHY YOU SHOULD JOIN SUMUP
You'll have the opportunity to make an impact as we work in flat hierarchies
You'll have the space to drive your career here and take ownership of projects
You’ll have the chance to work on a diverse and international team
You'll be able to attend global offsites/hackathons/team events
You'll have competitive compensation and education budget.
Office relaxation activities such as yoga and massages
23 days paid vacation + 1 accumulative day for each year of employment at SumUp
Additional health insurance
We believe in the everyday hero.
Small business owners are at the heart of all we do, so we're creating tools that help them run their business. With a founders mentality and a 'team-first attitude' our diverse teams across Europe, South America, and the United States work together to ensure that the small business owners we partner with can be successful in doing what they love.
SumUp is an Equal Employment Opportunity employer that proudly pursues and hires a diverse workforce. SumUp does not make hiring or employment decisions on the basis of race, color, religion or religious belief, ethnic or national origin, nationality, sex, gender, gender identity, sexual orientation, disability, age or any other basis protected by applicable laws or prohibited by Company policy. SumUp also strives for a healthy and safe workplace and strictly prohibits harassment of any kind.