Bitpanda is hiring an

Application Security Engineer (f/m/d)

Vienna, Austria
Full-Time
Who we are
Bitpanda is on a mission to reinvent the world of finance and bring investing closer to everyone, everywhere. Today’s financial ecosystem is complex, exclusive and expensive, and we’re here to change this as the #1 investment platform in Europe and beyond. Our platform is rooted in the belief that investing should be safe, easy and accessible to all. With Bitpanda, everyone has the freedom and flexibility to invest in what they believe in - commission-free stocks, cryptocurrencies or even precious metals - starting from as little as €1.

Our story started in 2014 with our founders, Eric Demuth, Paul Klanschek and Christian Trummer. Since then, we’ve grown to a powerful and diverse team of 500+ people who represent more than 50 nationalities. Headquartered in Vienna, we’re proud to be Austria’s first unicorn and one of the fastest-growing fintechs in Europe. Our innovative technology serves over 3 million users and operates across multiple hub locations. Our products are built by fast-moving, talented, “roll-up-your-sleeves-and-make-it-happen” kind of people. If you’re someone who thinks big, moves fast and wants to make an impact right from day one, then get ready to join our industry-changing team. Let’s go!


Your mission:

As an Application Security Engineer at Bitpanda, you will be working closely with developers, product owners and third parties to ensure Bitpanda applications continue to be kept secure.

What you'll do:

  • Be a core participant and support application security reviews and threat modelling, including code review and dynamic testing
  • Operate and continuously improve our application security vulnerability management programme
  • Lead and participate in internal red/purple team activities, as well as in regular/ad-hoc pentests
  • Support our bug bounty programme
  • Provide consulting to the Product and Development teams within the area of application security
  • Participate in the creation, maintenance and delivery of security training
  • Assist in the development of the automated security testing suite to validate that secure coding best practices are being used

Who you are:

  • Familiarity with and ability to work with DevOps Lifecycle tooling
  • Knowledge of common security libraries, security controls and common security flaws
  • Experience with OWASP, static/dynamic analysis and common security tools
  • Good understanding of network and web related protocols (such as TCP/IP, UDP, IPSEC, HTTP, HTTPS, protocols)
  • Understanding of cloud security controls and best practices
  • Background of working with developers
  • Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner

What’s in it for you

- Top-notch “tech pack” (a.k.a.: the latest and greatest hardware) that you need to help Bitpanda move the needle, right from day one. The best part? You can choose between PC or Mac. And yes, noise-cancelling headphones are included! 
- Individual stock option plan
- Exclusive premiums when trading on Bitpanda
- Occasional company-wide and team events  - both in-person and virtually!
- Learning & development opportunities
- A brand new, optimised-for-Hybrid-working, HQ office located in Vienna’s fintech hub (in the second district) as well as local office location hotspots in Berlin, London, Madrid, Barcelona and Milan (to name just a few!)
- Bitpanda sustainable merch to keep you swagged out and living the Bitpanda brand
- A global Bitpanda team of fast-moving, talented, “roll-up-your-sleeves-and-make-it-happen” kind of people who are united (across cultures and time zones) by our unique way of working. 

And, above all, the opportunity to learn & grow as part of Bitpanda’s incredible journey to become Europe’s #1 investment platform.  

Looking for a job?

Application Security Engineer (f/m/d) at Bitpanda looks great, right? We have dozens of similar job posts on our site, interested? Leave your email and we'll send the best matches.