Company Description|Job Description
Have you ever worked for a company that actually wanted you to bring your whole self to work every single day?
Tradeshift is a unicorn in the fintech industry. We are disrupting a typically stagnant environment by connecting companies of all sizes & providing them with the platform & network needed to create value from old processes like procurement, invoicing, payments, & workflow. We recognize that business is both messy & social - two revelations that have driven the development of Tradeshift, a platform for all your business interactions.
Our team believes in an integrated approach to application security, & that prevention is better than a cure. We also believe that communication skills & the ability to help others can amplify the impact of an engineer 10x. We take security very seriously & work very hard to include it throughout our software lifecycle from the design process all the way through how we operate the platform.
You are a security evangelist across all of Tradeshift, training other developers to help them build more secure products. You'll consult with teams on secure architecture design, & put our security measures to the test to ensure we are performing best practices in the best interest of our Shifters & clients.
You will support developers, operations, IT & the overall company security posture. You & your team are responsible for maintaining our compliance program where we have achieved SOC 1 Type II, SOC 2 Type II, ISAE 3402 Type II, ISO 27001 & PCI Level 1 compliance.
What a day is like:
- Perform security related design & implementation reviews for the platform
- Automate to improve the abilities of other engineers to develop & maintain secure code
- Find & remediate security flaws across the software stack
- Coordinate with researchers on our bug bounty program to close exposed vulnerabilities
- Consult across teams on secure architecture design & implementations
- Propose, evaluate & build innovative new security features to benefit our users
- Assist with security incident response as needed
- Work with external pen testers to continually improve security on the platform
You're perfect for this role if:
You are collaborative, & use constructive feedback as a tool to continuously improve our development. You are personable & understanding. You & communicate & resolve security flaws & errors with empathy.
You also have:
- Expertise in conducting design reviews & remediating security issues in existing codeSolid foundation in web application security including Node.Js applications
- Experience with penetration testing against applications
- Deep proficiency in Java development, Groovy & Grails a plus
- Experience working with sensitive data like credit cards & other PII
- Proficiency in implementing sandboxing solutions
- BS in Computer Science or a related technical field / equivalent experience
- 4+ years of industry experience engineering web facing systems
Our office in Copenhagen has a palpable excitement that stems from the constant change that keeps everyone on their toes. Each employee has a voice, & their hard work pays off. No good work goes unnoticed.
Our culture began day one when three Danes poured their brains, heart, & guts into creating a platform that could connect every business in the world. We expect each employee to approach their work with the same amount of pride & passion. One day you might find us having a ping pong matchin the middle of the work day, & then you'll find us handing off projects to colleagues in different time zones so we can continue progress around the clock.
TradeShifters come from various backgrounds & nations, & we all thrive off challenging the status quo. We take pride in nurturing employee happiness, encouraging personal development, & welcoming teammates from all walks of life.
We value diversity & we do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
Why you might like working here:
- You love autonomy & the freedom to get your work done how you want
- You like sharing your opinions & feeling like they matter
- You want to work for a company that requires you to bring your whole self to work every day: brains, heart, & guts.
- Ambitious international startup
- Career & professional development opportunities
- Large office that provides caters to many different work-environment preferences
- Flexible work hours
- Mobile phone plan & at home internet
- Lunch & snacks daily with drinks
- A competitive compensation package & equity
- In-house activities like yoga
- Opportunity to join many fun, varied company events like happy hours, hackathons, family holiday parties, & many more.