Senior Security Engineer

Building the bank of tomorrow takes more than skills.
It means combining our differences to imagine, discuss, code, develop, test, learn- and celebrate every step together. Share our vibes? Join Swissquote to unleash your potential.

We are the Swiss Leader in Online Banking and we provide trading, investing and banking services to over 500,000 clients, through our performant and secured digital platforms.

Our 1,000 employees work in a flexible way, without dress code and in multicultural teams.
By having a huge impact on the industry, they are growing their skills portfolio and boosting their career in a fast-paced environment.

We are all in at Swissquote. As an equal opportunity employer, we welcome candidates from all backgrounds, experiences and perspectives to join our team and contribute to our shared success.

Are you all in? Don’t be shy, apply!

As a Senior Information Security Engineer, you will play a key role in building security and privacy by design in our information systems and products.

As part of the Information Security Service, you will collaborate with our IT and Software Engineering Departments to design, review and audit security measures across a wide range of products and technologies, and you will contribute to automating security processes and activities. You will be responsible for identifying and analyzing new risks and vulnerabilities, and designing effective remediation to improve our security posture. You will also contribute to the software engineers' security training, fostering a culture of security consciousness among employees and stakeholders.

Together with the other members of the IT Security team, you will contribute to making our Bank more secure and resilient, and to grow efficiently in an increasingly regulated industry.

We are looking for a seasoned Information Security professional who can leverage their expertise and thrive in a dynamic, fast-paced environment. If you are eager to embrace this challenge, we look forward to receiving your application.

• Provide security advisory and guidelines to software engineering teams to elaborate, enforce and monitor security controls and solutions.
• Perform risk assessments of new projects and support teams in applying mitigation measures.
• Design secure architectures and perform threat modelling.
• Contribute to security automation (SOAR, scripting recurring tasks).
• Review and improve our SDLC security based on known tools and standards (PCI SSD, OWASP, OpenSAMM).
• Contribute to elaborating security reports and dashboards.
• Coordinate with security testing providers and internal teams for penetration tests and vulnerability reports.
• Participate in our internal Red Team activities.
• Advise on technical solutions related to crypto custody services and participate in their elaboration.
• Participate in the due diligence process when onboarding a partner or technical solution.
• Operate and maintain HSMs and crypto custody solutions.
• Participate in security incident response activities.

Mandatory

• Minimum 5 years experience as Security Engineer, Architect or similar roles.
• Ability to communicate and engage with various departments and teams.
• Excellent French and English communication skills, oral and written.
• Good command of scripting and programming languages (Python, PowerShell, Java).
• Knowledge of technologies and concepts such as SIEM, EDR, SOAR, Cloud, Networking, Windows, Linux.
• Solid analytical and critical thinking abilities.

Desired

• Bachelor or Master in Computer Science or similar.
• Experience with Kubernetes and Microsoft Azure.
• Experience with: Microsoft Defender XDR, Microsoft Sentinel, Elastic / Kibana, OpenCTI, Java.