Application Security Engineer

Our MissionSwapcard is the leading AI-powered event platform designed to drive revenue growth and foster meaningful connections at in-person and hybrid events.We recognize the importance of teamwork in successful events; that's why Swapcard is fueled by a team of innovators who are passionate about helping organizers build future-proof events.Our VisionAt Swapcard, we believe in the power of meaningful connections.This belief fuels our commitment to pioneering modern solutions that empower organizers to create engaging event experiences.Guided by our commitment to excellence and collaboration, we aim to redefine the landscape of event technology, setting new standards for engagement, accessibility, and impact.Our BeliefsAt Swapcard, diversity is at the core of our success.With 42 nationalities represented among our 180+ team members, we champion diversity as a catalyst for creativity, collaboration, and unparalleled innovation.We believe that by embracing a multitude of backgrounds, cultures, and viewpoints, we can truly understand and cater to the needs of our global community of event organizers and participants.Our full remote opportunities empower our team to thrive, no matter where they are in the world, fostering a culture of flexibility and inclusion.What you'll be doing?Own and manage our Bug Bounty programs: triage reports, validate findings, and reproduce PoCs.Collaborate with developers and product owners to propose and support remediation of security issues.Write or review pull requests to fix security vulnerabilities directly in the codebase.Validate results from external pentests and integrate them into the development backlog.Contribute to threat modeling, code review, and security design discussions.Support the Secure Development Lifecycle (SAST, dependency scanning, security automation in CI/CD).Perform lightweight pentesting of new features and releases when needed.Maintain clear documentation to support AppSec processes.Coordinate security communication between Security, Developers, and Product for faster resolution of security tickets.What you should have?Previous experience as a developer (any modern backend/frontend stack).Hands-on security experience through bug bounty programs, CTFs, or pentesting, and respective tools (e.g. Burp Suite).Solid understanding of common application vulnerabilities (OWASP Top 10, SSRF, IDOR, etc.).Familiarity with SAST/DAST tools (e.g. SonarQube, Snyk).Experience collaborating with developers and product teams.Strong problem-solving and communication skills with a "find and fix" mindset.Bonus PointsExperience creating or merging PRs for security fixes in production code.Knowledge of secure coding practices in web and API development.Familiarity with CI (Jenkins, GitLab CI...) and DevOps tools (Terraform, Helm...).Exposure to WAFs, anti-bot solutions, or related AppSec defenses.Interest in contributing to security automation and developer enablement.Swapcard's Interview ProcessScreening interview with a recruiter from our people team.A remote exercise to demonstrate and assess your skills.Manager review with your future reporting manager.Leadership review with one of our department leaders.Reference check conducted by our people team.Offer.Swapcard's ValuesCurious : We ask questions, try new things and take risks.We learn from one another and see mistakes as opportunities to grow—what matters most is how we react and learn from them.We are curious about what something is and why something is.Innovation thrives when curiosity drives.Value-Driven : At Swapcard, we focus on making each decision count by prioritising outcomes that create meaningful value for our customers, team members, and partners.Human : At Swapcard, being human means fostering empathy, openness, and diversity to create a caring and collaborative community.We're driven by a strong team spirit and a shared goal of building meaningful connections—both through our product and within our team.Resilient : We embrace challenges with optimism, creativity, and adaptability, constantly seeking innovative solutions and opportunities for growth.Ownership: At Swapcard, we take responsibility and are accountable for our actions, driving success through initiative, trust, and accountability.True ownership means more than just completing tasks; it's about being proactive, investing ourselves fully in the outcomes, and fostering a culture of trust.Benefits & Reasons to Join SwapcardInternational team with 40+ nationalities (more on the way)Remote-first policy with headquarters in ParisThriving startup with career growth opportunitiesOpen-minded culture that appreciates differencesFeedback-driven, supportive & curious team with a DIY mindsetGenerous Paid Time Off to ensure you have time for what matters most ??Remote perks designed to optimise your working experienceIn-person social gatherings to celebrate our achievements ?100% of your health insurance contribution paid by SwapcardWork-from-home budget (one-off contribution for equipment in addition to your initial equipment setup)Co-working space budget to support remote work in professional environmentsLearning budget to help you develop new and existing skillsMental health care initiatives to support your well-beingEqual OpportunitySwapcard is committed to upholding equal employment practices and making merit-based employment decisions.We welcome individuals from all backgrounds, abilities, and experiences to apply, regardless of race, nationality, religion, sexual orientation, gender identity, pregnancy status, age, marital status, and status as a veteran.#J-*****-Ljbffr