Rodeo
ResourcesPartnersSign in

Spendesk

Associate Security Engineer

Paris
Posted 2 days ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

Associate Security Engineer

Security Engineer

At Spendesk, we're building the leading spend management platform for modern businesses, processing billions of euros across Europe and beyond. Security is at the heart of what we do—our customers trust us to safeguard their financial data, and we're committed to raising the bar for security in fintech.

We're building a dedicated Security Engineering function. You'll join alongside a Senior Security Engineer and together form the operational security backbone of the engineering organisation.

Your Mission

You'll be hands-on across vulnerability management, access controls, monitoring, and secure development support. You'll work closely with a Senior Security Engineer who'll mentor you and help you grow, while partnering day-to-day with Infrastructure and product engineering teams.

This is a hands-on engineering role, not a dashboard-watching SOC seat or a governance role—you'll build, fix, and improve, with a separate team owning policy and risk frameworks. You'll learn fast and ship real improvements from week one. If you like fixing things, digging into alerts, and making systems harder to break, you'll thrive here.

You will sit at the intersection of two domains: as a security engineer, your impact will be directly measured by how effectively you translate second-line-of-defense guidance (from the Compliance and Regulatory team) into practice while ensuring technical alignment and buy-in from the Product and Engineering organisation.

Key Responsibilities

Vulnerability & Incident Management

  • Triage vulnerabilities from our bug bounty program, scanners, and dependency checks.
  • Support incident response: develop fixes, track resolution, update tickets, and contribute to post-mortems.
  • Monitor and process security alerts from our SIEM and other monitoring tools.

Identity & Access Management

  • Implement and maintain SSO/MFA configurations for product and infrastructure systems, leveraging Okta and Google Workspace to manage downstream access rights.
  • Implement roles and access rights per tool and system.
  • Run periodic permission reviews and access audits.
  • Manage production secrets and credential rotation.

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant — 2026 Scheme

PwC·London, UK
£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.

Secure Development Support & Tooling

  • Run pre-deployment security checks: static analysis, dependency scanning, container image scanning.
  • Flag issues in code reviews when security patterns are violated.
  • Help engineers understand and fix security findings.

Monitoring & Detection

  • Monitor SIEM alerts, investigate suspicious activity, and escalate when needed.
  • Maintain and tune detection rules under guidance from the Senior Security Engineer.
  • Help operate and maintain SIEM infrastructure (ElasticSearch, log collection pipelines).

Security Operations

  • Support pentest coordination: prepare test environments, track remediation items.
  • Maintain documentation on security procedures and runbooks.

What We're Looking For

Must-haves

  • Foundational experience in security engineering, SOC, or a DevOps/SRE role with a strong security focus, eager to deepen across the security stack.
  • Solid understanding of web application security (OWASP Top 10, common attack vectors).
  • Hands-on experience with at least two of:
    • Vulnerability scanning tools
    • SIEM/log analysis
    • IAM systems (Okta, Google Workspace)
    • CI/CD security tooling
  • Comfortable scripting (Python, Bash, or similar) to automate repetitive security tasks.
  • Collaborative mindset: you work across many teams and communicate security issues clearly and constructively. Rather than binary "allowed/forbidden" calls, you assess and articulate risk through a severity and likelihood lens, bringing teams along instead of acting as a blocker.

Nice-to-haves

  • Experience with AWS security (IAM policies, Security Hub, GuardDuty).
  • Familiarity with ElasticSearch / ELK stack.
  • Exposure to infrastructure-as-code (Terraform) and container security.
  • Knowledge of compliance frameworks (ISO 27001, SOC 2, PCI-DSS)—not as an auditor, but enough to understand why controls exist.
  • Experience in fintech or a regulated environment.

Note: Not ticking every box? We’d still love to hear from you. At Spendesk, we value skills, potential, and diverse experiences. If this role excites you, we encourage you to apply.

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job

About Spendesk

Spendesk is the AI-powered spend management and procurement platform that transforms company spending. By simplifying procurement, payment cards, expense management, invoice processing, and accounting automation, Spendesk sets the new standard for spending at work. Its single, intelligent solution makes efficient spending easy for employees and gives finance leaders the full visibility and control they need across all company spend, even in multi-entity structures.

Trusted by thousands of companies, Spendesk supports over 200,000 users across brands such as Payfit, Accor, Welcome to the Jungle, Swile, Big Mamma, Malt, and Yousign. With offices in the United Kingdom, France, Spain, and Germany, Spendesk also puts community at the heart of its mission.


About Our People & Culture

We believe that people do their best work when energised and supported. That's why we empower every Spendesk employee to take ownership of their work, navigate ambiguity, and seize opportunities. Our international team—representing *35+ countries—shares a bold, curious, and kind approach, tackling challenges with a positive mindset. Together, we embrace diversity, empowerment, and boundless growth.


Our Benefits

Our culture is built on trust, empowerment, and growth—with benefits to match:

  • Flexible on-site and remote policy – Freedom to work where you thrive.
  • Latest Apple equipment – The tools to excel in your role.
  • Moka.care – Emotional and mental wellness support.
  • Great office snacks – Fuelling your productivity.
  • A positive team – Everyday collaboration with colleagues who inspire.

Our location-specific benefits include:

  • Health insurance, wellness allowances
  • Commuter support and meal vouchers
  • Gym memberships

Diversity & Inclusion

At Spendesk, we foster an environment where all differences are celebrated. We aim to attract and build a diverse, equal, and inclusive team, ensuring everyone feels welcome. Our goal is to embrace and encourage perspectives from all backgrounds. If you believe in the power of inclusion, we’d love to have you on board!

Trusted by 25,000+ job seekers

“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

Vulnerability Management
Incident Response
Identity And Access Management
SIEM
Web Application Security
Python
Bash
Okta
Google Workspace
CI/CD Security
AWS Security
Terraform
Container Security
ElasticSearch
OWASP Top 10
Risk Assessment

Location

Paris, Ile-de-France, France

Sign up to applySee more jobs like this