Product Security Engineer

Location: Warsaw, Cracow, Gdańsk

Salary:

25 000 - 32 000 PLN net B2B

21 500 - 27 520 PLN gross Contract of Employment

About Volt

When Volt launched in 2019, we recognized how open banking has the power to transform how businesses, wherever they happen to be, receive payments from their customers. So, we set about building an open payments gateway that enables merchants across the globe to receive direct, account-to-account payments – in real time.

Now, on the back of $23.5 million Series A and $60 million Series B funding rounds, we’re building an all-star team to achieve our goal of ‘real-time payments everywhere’.

About the role

We are seeking a highly skilled and experienced Product Security Engineer to join our company. You will be responsible for ensuring the security and integrity of our products throughout their lifecycle. You will collaborate with cross-functional teams, including engineering, product management, and IT, to identify and mitigate potential security risks, develop security strategies, and implement industry best practices.

What will you be doing in this role?

• Implementing security controls in CI/CD pipelines and related tooling, both for Dev and DevOps teams
• Coordinating penetration tests (both internal and 3rd party) and resulting vulnerability remediations
• Setting standards for secure application development across various teams in Volt
• Running Volt Bug Bounty program with support of other teams and external provider
• Maintaining control over libraries and frameworks used by devs, focusing on protecting against supply-chain attacks and patching
• Taking part in architecture-related initiavies and providing security input to development of new features and products
• Conducting security-focused code reviews
• Suggesting and implementing improvements to existing tooling, processes and infrastructure to increase internal and external business value of security
• Working with Development and DevOps teams on establishing and maintaining secure development best practices
• Supporting other teams (incl. Sales, Compliance) in responding to Security Assessments from 3rd parties and regulators
• Working with SecOps, Dev and DevOps teams on integrating security tooling directly into Volt applications

Requirements

• 4+ years of hands-on application security experience
• Experience working with Dev and DevOps teams (or part experience as a developer)
• Working understanding of cloud security principles (AWS preferred) and application deployment in cloud environments

• Can-do attitude and drive to solve problems, learning on past mistakes
• Drive to be the “security of yes, we can”, rather than a “security of no, you can’t”. As security we’re trying to help and drive the business, not setup roadblocks
• Experience implementing and operating RASP, SAST and other application security tooling
• Proficiency in written and spoken English and Polish (it’s gonna be hard to work in Volt otherwise)

What else would help?

• Knowledge of PHP and/or Java would be a major advantage
• Experience with Python/Go and scripting
• A drive for automation and limiting repeated manual labor

Benefits

• We secured $60 million in Series B funding – a record in the open banking space. We’re going places – fast,
• We’re building new, game-changing tech that’s evolving at lightning speed. It’s energising to be part of,
• We champion ‘extreme ownership’ – being not just the owner of your own tasks, but a key member of a team united by, and accountable for, common goals,
• During the week we mostly work remotely but for those who prefer to be in the office we arranged coworking spaces in Warsaw (Business Link Astoria) and Cracow (Loftmill),
• Every Thursday, our employees meet and enjoy working together at the Puro Hotel in Cracow and Warsaw. There is always an opportunity to eat lunch together and grab some drinks after hours. It would be great if you could visit us every week but if you don't have such an option 3-4 weeks are also fine,
• Every occasion is a good reason for celebration; we organise Christmas parties and company retreats,
• We care about our employees’ health, so you will be provided with Multisport card and medical insurance by Luxmed,
• We offer paid holidays (pssst...we will give you one day off extra for your birthday),
• In addition, once every two months on Friday we close down all comms at Volt - a digital detox. The whole business is officially ordered to take the day off!
• If you want to work in a company with a great, start-up atmosphere, you don’t have to look further :)

Recruitment process

• Selected candidates will be invited for an initial interview with our People & Culture representative. The video meeting will take about 30 minutes
• Then it’s time for a technical interview! The meeting will be conducted by our Chief Information Security Officer and Dev Team Lead and will last 1-1,5 hours
• Our SVP of Technology would also like to chat with you :) You can expect the meeting to last approximately 45 minutes
• If successful, you will be given a job offer proposal

Seems like a place you would like to be a part of? Our Security Team is waiting for you!