Technical Security Expert

As a Technical Security Expert, you will play a key role in protecting Spendesk's information systems. Reporting to the security team, you will work closely with Spendesk's product and engineering teams to implement, monitor, and continuously improve technical security measures. Your expertise will be essential in identifying, assessing, and remediating vulnerabilities, as well as advising and raising awareness among teams on security best practices.

Key Responsibilities

• Support Developers
Collaborate closely with development and infrastructure teams, discuss best practices, and promote a security-by-design culture in projects.
• Code Audits
Conduct in-depth code reviews to identify and fix security vulnerabilities in TypeScript code produced by developers.
• Dependency Audits via Reverse Engineering
Examine third-party libraries and dependencies, analyze their behavior through reverse engineering, and detect potential security flaws or backdoors.
• Infrastructure Audits
Perform security audits on Infrastructure-as-Code (IaC) Terraform within a multi-tenant AWS platform.
• Tool Audits
Conduct intrusion testing campaigns on the configuration of various internal company tools, including CI/CD pipelines, code management, authentication tools, etc.
• SIEM Management
Oversee, configure, and maintain the SIEM system (ElasticSearch, self-hosted, multi-node) to ensure proactive threat detection and rapid security incident response.
• Penetration Testing
Plan and execute penetration tests on systems and applications to assess their resistance to attacks and propose remediation strategies.
• Security Policies & Compliance
Contribute to updating security policies, standards, and technical procedures to ensure compliance with best practices and regulatory requirements. Supervise their implementation and promote security best practices.
• Threat & Vulnerability Monitoring
Stay up to date on emerging threats, vulnerabilities, and attack techniques and recommend appropriate defense strategies.
• Incident Detection & Response Automation
Develop scripts and tools to automate security tasks, including incident detection and response.
• Training & Awareness
• Train and raise awareness among internal teams about security challenges, secure coding practices, and security tool usage.

Who we are looking for

• Minimum 5 to 10 years of experience in information security with proven technical expertise.
• Strong experience in development and code auditing, particularly in TypeScript, Node.js, and Python.
• Proficiency in ElasticSearch, with the ability to deploy and maintain a multi-node Linux infrastructure from scratch.
• Expertise in reverse engineering and analyzing minified or obfuscated code.
• Deep knowledge of decentralized web architecture (microservices) and PaaS/SaaS providers (AWS, GCP, Datadog, Snowflake, etc.).
• Experience in penetration testing and security audits.
• Strong scripting skills (Python, Bash, etc.).
• Advanced knowledge of security standards is a plus (ISO 27001, OWASP, etc.).
• Ability to work in a team and collaborate with engineers from diverse backgrounds.
• Excellent communication and teaching skills.
• Strong analytical and problem-solving mindset.
• Ability to remain calm and act decisively in crisis situations.
• Fluent English required.
• French is a plus.

As we are an international team, please submit your application and CV in English. About Spendesk Spendesk is the AI-powered spend management and procurement platform that transforms company spending. By simplifying procurement, payment cards, expense management, invoice processing, and accounting automation, Spendesk sets the new standard for spending at work. Its single, intelligent solution makes efficient spending easy for employees and gives finance leaders the full visibility and control they need across all company spend, even in multi-entity structures. Trusted by thousands of companies, Spendesk supports over 200,000 users across brands such as SoundCloud, Gousto, SumUp, and Bloom & Wild. With offices in the United Kingdom, France, Spain and Germany, Spendesk also puts community at the heart of its mission. For more information: www.spendesk.com/press About our people & culture We believe that people do their best work when they’re given the freedom to thrive and grow. That’s why liberation is at the core of everything we do. We empower Spendeskers to take ownership of their work, to navigate ambiguity, and seize every opportunity. Spendeskers come from all over the world (35+ countries and counting!) but we have plenty in common: we're bold, ever-curious, committed to kindness, and tackle every challenge with a positive mindset. About our benefits Our culture is built on trust, empowerment, and growth — with benefits to match! - Flexible on-site policy : 4 days per month remote (non-accumulative) and 3 full weeks remote per year (non-consecutive) - Lunch 60% funded by Spendesk (Swile Card) - Alan Premium health insurance - A Gymlib pass to let off steam after a productive day at work - Access to Moka.care for emotional and mental health wellbeing - Access to Vendredi allowing us to change the world - Latest Apple equipment - Great office snacks to fuel your day - A positive team to work with daily! Diversity & Inclusion At Spendesk, we're committed to fostering an environment where all differences are encouraged, supported and celebrated. We're building our culture for everyone, with everyone. Our goal is to attract and build a diverse, equal and inclusive team, where everyone feels welcome and we truly embrace and encourage people from all backgrounds to apply.