Beschreibung:
At Spendesk, we're building the leading spend management platform for modern businesses, processing billions of euros across Europe and beyond. Security is at the heart of what we do: our customers trust us to safeguard their financial data, and we're committed to raising the bar for security in fintech.
We're building a dedicated Security Engineering function. You'll join alongside a Senior Security Engineer and together form the operational security backbone of the engineering organisation.
Your Mission
You'll be hands-on across vulnerability management, access controls, monitoring, and secure development support. You'll work closely with a Senior Security Engineer who'll mentor you and help you grow, while partnering day-to-day with Infrastructure and product engineering teams.
This is a hands-on engineering role, not a dashboard-watching SOC seat or a governance one: you'll build, fix, and improve, while a separate team owns policy and risk frameworks. You'll learn fast and ship real security improvements from week one. If you like fixing things, digging into alerts, and making systems harder to break, you'll thrive here.
You will sit at the intersection of two domains: as a security engineer, your impact will be directly measured by how effectively you translate second-line-of-defense guidance (from the Compliance and Regulatory team) into practice, while ensuring technical alignment and buy-in from the Product and Engineering organisation you are part of.
Key Responsibilities
Vulnerability & incident management
* Triage vulnerabilities from our bug bounty program, scanners, and dependency checks.
* Support incident response: develop fixes, track resolution, update tickets, and contribute to post-mortems.
* Monitor and process security alerts from our SIEM and other monitoring tools.
Identity & access management
* Implement and maintain SSO/MFA configurations for product and infrastructure systems, leveraging Okta and Google Workspace to manage downstream access rights.
* Implement roles and access rights per tool and system.
* Run periodic permission reviews and access audits.
* Manage production secrets and credential rotation.
Secure development support and tooling
* Run pre-deployment security checks: static analysis, dependency scanning, container image scanning.
* Flag issues in code reviews when security patterns are violated.
* Help engineers understand and fix security findings.
Monitoring & detection
* Monitor SIEM alerts, investigate suspicious activity, and escalate when needed.
* Maintain and tune detection rules under guidance from the Senior Security Engineer.
* Help operate and maintain SIEM infrastructure (ElasticSearch, log collection pipelines).
Security operations
* Support pentest coordination: prepare test environments, track remediation items.
* Maintain documentation on security procedures and runbooks.
What We're Looking For
Must-haves:
* Foundational experience in security engineering, SOC, or a DevOps/SRE role with a strong security focus, eager to deepen across the security stack.
* Solid understanding of web application security (OWASP Top 10, common attack vectors).
* Hands-on experience with at least two of: vulnerability scanning tools, SIEM/log analysis, IAM systems (Okta, Google Workspace), or CI/CD security tooling.
* Comfortable scripting (Python, Bash, or similar) to automate repetitive security tasks.
* Collaborative mindset: you work across many teams and communicate security issues clearly and constructively. Rather than binary allowed/forbidden calls, you assess and articulate risk through a severity and likelihood lens, bringing teams along instead of acting as a blocker.
Nice-to-haves:
* Experience with AWS security (IAM policies, Security Hub, GuardDuty).
* Familiarity with ElasticSearch / ELK stack.
* Exposure to infrastructure-as-code (Terraform) and container security.
* Knowledge of compliance frameworks (ISO 27001, SOC 2, PCI-DSS): not as an auditor, but enough to understand why controls exist.
* Experience in fintech or a regulated environment.
As we are an international team, please submit your application and CV in English.
Not ticking every box? We'd still love to hear from you. At Spendesk, we value skills, potential and diverse experiences. If this role excites you and you believe you could contribute, we encourage you to apply.
About Spendesk
Spendesk is the AI-powered spend management and procurement platform that transforms company spending. By simplifying procurement, payment cards, expense management, invoice processing, and accounting automation, Spendesk sets the new standard for spending at work. Its single, intelligent solution makes efficient spending easy for employees and gives finance leaders the full visibility and control they need across all company spend, even in multi-entity structures. Trusted by thousands of companies, Spendesk supports over 200,000 users across brands such as Payfit, Accor, Welcome to the Jungle, Swile, Big Mamma, Malt and Yousign. With offices in the United Kingdom, France, Spain and Germany, Spendesk also puts community at the heart of its mission.
For more information: www.spendesk.com/press
About our people & culture
We believe that people do their best work when they're given the freedom to thrive and grow. That's why liberation is at the core of everything we do. We empower Spendeskers to take ownership of their work, to navigate ambiguity, and seize every opportunity. Spendeskers come from all over the world (35+ countries and counting!) but we have plenty in common: we're bold, ever-curious, committed to kindness, and tackle every challenge with a positive mindset.
About our benefits
Our culture is built on trust, empowerment, and growth - with benefits to match!
Flexible on-site and remote policy
Latest Apple equipment - the tools you need to excel
Access to Moka.care - for emotional and mental health wellbeing
Great office snacks - to fuel your day
A positive team to work with daily!
We also offer location-specific benefits tailored to each market, including health insurance, wellness allowances, commuter support, meal vouchers, and gym memberships - ensuring you're well supported wherever you're based.
Diversity & Inclusion
At Spendesk, we're committed to fostering an environment where all differences are encouraged, supported and celebrated. We're building our culture for everyone, with everyone. Our goal is to attract and build a diverse, equal and inclusive team, where everyone feels welcome and we truly embrace and encourage people from all backgrounds to apply
| Quelle: | Website des Unternehmens |
| Datum: | 03 Jul 2026 |
| Stellenangebote: | Job |
| Bereich: | Banken / Finanzen |
| Sprachkenntnisse: | Englisch |