Application Security Engineer

Our Mission

Swapcard is the leading AI-powered event platform designed to drive revenue growth and foster meaningful connections at in-person and hybrid events. We recognize the importance of teamwork in successful events; that's why Swapcard is fueled by a team of innovators who are passionate about helping organizers build future-proof events.

Our Vision

At Swapcard, we believe in the power of meaningful connections. This belief fuels our commitment to pioneering modern solutions that empower organizers to create engaging event experiences.

Guided by our commitment to excellence and collaboration, we aim to redefine the landscape of event technology, setting new standards for engagement, accessibility, and impact.

Our Beliefs

At Swapcard, diversity is at the core of our success. With 42 nationalities represented among our 180+ team members, we champion diversity as a catalyst for creativity, collaboration, and unparalleled innovation.

We believe that by embracing a multitude of backgrounds, cultures, and viewpoints, we can truly understand and cater to the needs of our global community of event organizers and participants.

Our full remote opportunities empower our team to thrive, no matter where they are in the world, fostering a culture of flexibility and inclusion.

What you'll be doing?

Own and manage our Bug Bounty programs: triage reports, validate findings, and reproduce PoCs

Collaborate with developers and product owners to propose and support remediation of security issues

Write or review pull requests to fix security vulnerabilities directly in the codebase

Validate results from external pentests and integrate them into the development backlog

Contribute to threat modeling, code review, and security design discussions

Support the Secure Development Lifecycle (SAST, dependency scanning, security automation in CI/CD)

Perform lightweight pentesting of new features and releases when needed

Maintain clear documentation to support AppSec processes

Coordinate security communication between Security, Developers, and Product for faster resolution of security tickets

What you should have?

Previous experience as a developer (any modern backend/frontend stack)

Hands-on security experience through bug bounty programs, CTFs, or pentesting, and respective tools (eg. Burp Suite)

Solid understanding of common application vulnerabilities (OWASP Top 10, SSRF, IDOR, etc.)

Familiarity with SAST/DAST tools (e.g. SonarQube, Snyk)

Experience collaborating with developers and product teams

Strong problem-solving and communication skills with a “find and fix” mindset

Bonus Points

Experience creating or merging PRs for security fixes in production code

Knowledge of secure coding practices in web and API development

Familiarity with CI (Jenkins, GilabCI…) and DevOps tools (Terraform, Helm…)

Exposure to WAFs, anti-bot solutions, or related AppSec defenses

Interest in contributing to security automation and developer enablement

Swapcard’s Interview process

Our thorough interview process aims to identify exceptional talent to advance our mission while offering you a chance to explore your career potential at Swapcard.

Screening Interview with a recruiter from our people team

A remote exercise to demonstrate and assess your skills

Manager review with your future reporting manager

Leadership review with one of our department leaders

Reference check conducted by our people team

Offer

Swapcard's Values

🧠 Curious: We ask questions, try new things and take risks. We learn from one another and see mistakes as opportunities to grow—what matters most is how we react and learn from them. We are curious about what something is and why something is. Innovation thrives when curiosity drives.

🗝️ Value-Driven: At Swapcard, we focus on making each decision count by prioritising outcomes that create meaningful value for our customers, team members, and partners.

💚 Human: At Swapcard, being human means fostering empathy, openness, and diversity to create a caring and collaborative community. We’re driven by a strong team spirit and a shared goal of building meaningful connections—both through our product and within our team.

✊ Resilient: We embrace challenges with optimism, creativity, and adaptability, constantly seeking innovative solutions and opportunities for growth.

👑 Ownership: At Swapcard, we take responsibility and are accountable for our actions, driving success through initiative, trust, and accountability. True ownership means more than just completing tasks; it's about being proactive, investing ourselves fully in the outcomes, and fostering a culture of trust.

Benefits & Reasons To Join Swapcard

International team with 40+ nationalities (more on the way!) 🌍

Remote-first policy with headquarters in Paris 🗼

Thriving startup with career growth opportunities 🪴

Open-minded culture that appreciates differences 👽

Feedback-driven, supportive & curious team with a DIY mindset 🤔 🛠

Generous Paid Time Off to ensure you have time for what matters most ❤️🏡

Remote perks designed to optimize your working experience 🎁

In-person social gatherings to celebrate our achievements 🏝️

100% of your health insurance contribution paid by Swapcard 🏥

Work-from-home budget (one-off contribution for equipment in addition to your initial equipment setup) 🖇️

Co-working space budget to support remote work in professional environments 💼

Learning budget to help you develop new and existing skills 🤓

Mental health care initiatives to support your well-being 🧘

Equal Opportunity

Swapcard is committed to upholding equal employment practices and making merit-based employment decisions. We welcome individuals from all backgrounds, abilities, and experiences to apply, regardless of race, nationality, religion, sexual orientation, gender identity, pregnancy status, age, marital status, and status as a veteran

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.