aircall - Security Engineer, Product Security
Upload My Resume
Drop here or click to browse · Tap to choose · PDF, DOCX, DOC, RTF, TXT
Requirements
• 2–5 years of experience in Product Security, Application Security, or software engineering with a strong security focus. • Strong understanding of web application and API security fundamentals and common vulnerability classes (OWASP Top 10). • Experience performing security reviews, threat modelling, or secure architecture assessments for software systems. • Familiarity with security testing tools and practices (SAST/DAST, dependency scanning, fuzzing, manual testing). • Comfort reading and reviewing production code in at least one language (e.g., Python, Go, Java, JavaScript/TypeScript). • Exposure to automated or AI-assisted security tools or workflows, and interest in applying them to improve developer experience and security outcomes. • Ability to work cross-functionally with engineering teams and communicate findings in a constructive, actionable way. • Proven ability to drive remediation efforts and follow through on risk reduction outcomes. • Experience with cloud-native architectures (AWS/GCP/Azure), microservices, Kubernetes, service-to-service authentication, and secrets management. • Experience tuning security tools to reduce noise and improve signal (e.g., improving rules, baselines, or pipelines). • Familiarity with secure SDLC practices and security champions programs. • Exposure to bug bounty/vulnerability disclosure or working with external researchers. • Experience improving internal security automation or developer workflows (including using AI-assisted tooling).
Responsibilities
• Partner with engineering teams to review designs and implementation plans, identifying security risks early and recommending mitigations. • Perform threat modelling for new features and major changes, helping teams document risks, assumptions, and security controls. • Identify and help remediate common vulnerability classes across services and APIs (e.g., auth/authz, injection, data exposure, logic flaws). • Triage and support remediation of vulnerabilities identified through SAST/DAST tools, internal testing, or third-party findings. • Conduct security testing and validation, including targeted manual testing for high-risk areas. • Help improve secure development practices by creating reusable guidance, checklists, and secure patterns for engineering teams. • Contribute to security tooling and automation that improves coverage, reduces false positives, and streamlines security reviews. • Assist with product security incidents by supporting investigation, impact analysis, and follow-up remediation. • Communicate security risks clearly and pragmatically, helping teams prioritize effectively and ship safely. • Document learnings and contribute to evolving product security processes and standards.
Benefits
• 🚀 Key moment to join Aircall in terms of growth and opportunities • 💆♀️ Our people matter, work-life balance is important at Aircall • 📚 Fast-learning environment, entrepreneurial and strong team spirit • 🌍 45+ Nationalities: cosmopolite & multi-cultural mindset • DE&I Statement:
No credit card. Takes 10 seconds.