Permanent employee, Full-time · Berlin
We are a dynamic, fast-growing fintech company based in Berlin with a mission to break down barriers to better saving across Europe. Our platforms give customers simple, transparent access to the Raisin deposits marketplace, where our partner banks from all over Europe offer an ever-growing range of competitive savings products. In Germany, we also broker cost-effective investment portfolios and pension products. Raisin has raised more than €195 million in funding from renowned investors including Goldman Sachs, PayPal Ventures, Index Ventures, btov Ventures, Ribbit Capital, Orange Digital Ventures and Thrive Capital. We have also been featured on the FinTech50 — the list of Europe’s top 50 fintechs — every year since 2016, ranking in the top 5 in 2018 and 2019.
Our marketplace is available in over 30 countries across Europe through www.raisin.com, with dedicated country platforms in Germany, Spain, the UK, Austria, France, Ireland, and the Netherlands. Since launching in December 2013, we have brokered €16 billion in savings for more than 200,000 satisfied customers to more than 80 partner banks. Our distribution partners, such as Commerzbank, o2 Telefónica Deutschland, N26, ClearScore and Yolt among many others, extend Raisin’s impact as well as their own range of offers: they make our deposits marketplace available to their customers.
3+ years of performing Web Application Security
2+ years of developing commercial products (experience in Java preferred)
Understanding of network protocols and architectures such as TCP/IP, UDP, IPv6, IPSEC, TLS, HTTP/S, routing protocols
Exceptional problem-solving skills, curious about the inner workings of systems and show attention to details
Excellent written and oral communication skills
Technical ability: Ability to develop technical solutions and use existing tools to help discover and mitigate security vulnerabilities. Ability to code/script in at least one programming language like Python, Java, C++.
Excellent knowledge of pen testing tools and procedures for Web and mobile apps
Flair for automation: Should be passionate about automating security testing and penetration testing using tools and code
Architecture skills: Passion for system architecture with a primary focus on security aspects
Security knowledge: Fundamental understanding of security best practices. Review security vulnerabilities and determine what modifications are needed to minimize risk to the organization via enhancements to the existing environment.
Communication: Excellent ability to communicate technical solutions. Assist in developing test plans, test the products, make recommendations and assist in developing the architecture and implementation plan for approved solutions.
Data Driven: Develop and maintain a comprehensive set of security benchmarks and guidelines that are readily adoptable by system administrators and software engineers.
Manage Security Engineering for Raisin products and applications (Web and Mobile)
Assist in developing and implementing Secure Software Development Lifecycle (SSDLC) practices
Work with the product teams to perform security design/code reviews and vulnerability assessment and management in an agile environment
Perform security tasks including (but not limited to) threat-modelling, secure code analysis, training, static, dynamic and interactive analysis, fuzz testing, automated and manual security testing
Innovate the automation of SSDLC tasks
Engage with third-party security consultants for independent security assessments
Perform red teaming and penetration testing of the product and Infrastructure
Thank you for considering a career at Raisin GmbH. Please fill out the following form. In case you are experiencing problems with the document upload, mail your documents to email@example.com.