Listing Description
At Trustly, we’re passionate about simplifying the way people pay and get paid online. We’re a licensed payment institution and our B2B products available across Europe, North America and Australia attract global merchants in segments such as e-commerce, telecom, travel, financial services, and gaming. In June 2018, private equity firm Nordic Capital acquired a majority stake in Trustly with ambitions to support us in becoming the leading global online banking payments provider.
We are a diverse and fast-growing team with our headquarters in Stockholm, Sweden, and 9 additional offices across Europe and North America. Together we are leading the development of the payments industry and the work you’ll do here will make a great impact. Trustly is a tech company at heart. Two of our three founders are developers and you’ll get the chance to work alongside many talented and motivated colleagues who will help you learn and grow.
About the role:
As part of fulfilling the objective of becoming the leading global online banking payments provider, we are strengthening our capability in the information and cyber security area. Just recently we restructured our internal setup within the security area allowing us to scale and teams to focus. To get us going we are now looking for additional Security Engineers to join the team focusing on our product security in Europe.
As Security Engineer at Trustly, you will be part of a team of security professionals ensuring security lies in the core of everything we build and operate. We combine our expertise in providing security services to the organisation with automating security controls wherever and whenever possible. The team is undergoing an expansive phase and you will have great opportunities to influence what we do and how we do it.
That said, your work will be within one or more of the following areas:
Vulnerability Management:
- Ensure the vulnerability management program maintains coverage of all applicable assets.
- Build automation that makes sure our tools are up to date and supports our teams to keep our software secure.
- Make initial assessment of reported vulnerabilities and ensure information is shared with the relevant internal teams.
Application Security:
- Perform security assessments of the solutions we build through design reviews, code reviews as well as performing dynamic testing, working closely with the development teams.
- Provide development teams with security guidance in different stages of the development process.
- Hold training within secure coding practices to the development teams.
- Research and implement security controls on top of the CI/CD pipeline.
Red team:
- Design and execute internal penetration testing activities targeting applications, infrastructure, endpoints, or even physical locations.
- Compromise hosts and data with exploitation of vulnerabilities to assess actual risks involved and understand what controls that failed to protect.
- Lead and coordinate external penetration testing activities.
- Lead exposure assessments when vulnerabilities are discovered.
- Lead and coordinate incident response activities.
- Security control effectiveness reviews
We believe you have the following qualities:
In addition the above, we believe you have experience in following areas:
Listing Details
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided