Full Stack Security Developer (f/m/x)

Permanent employee, Full or part-time · Remote

Read job description in:
Your mission
If you are either a Full Stack/Javascript developer with a strong background in IT Security or an IT Security Engineer who wants to write code, then join us and help build the most-secure and privacy-minded Web and Javascript applications!

Objectives
  • Design, implement, test and integrate core security and privacy features in our polypoly products and platform
  • Be the "Security Champion" for the development team
  • Own operational security of your applications
  • Help us to implement security automation into our CI/CD pipelines
Responsibilities
  • Work as part of the development team to implement security and privacy features
  • Write and maintain secure code 
  • Act as the security champion and mentor other developers on IT security and secure development
  • Work closely with DevOps and QA teams on security automation
  • Triage security issues found by SCA/SAST/DAST tools or external vulnerability reporters
Your profile
Skills and qualifications
  • Knowledge of one or more programming languages (Javascript/Typescript, Swift, Kotlin and Rust)
  • Proven experience writing secure code and in implementing security and privacy features
  • Proven experience with securing Javascript applications and APIs against XSS, CSRF and other common attacks
  • Experience with Web security technologies, standards and protocols such as HTTPS, TLS, and CSP
  • Experience with using SCA/SAST/DAST tools
  • Knowledgable about cryptography, and familiar with some common cryptographic attacks and their mitigations
  • Experience with test-driven security (TDS) is a plus
  • Knowledgable about agile development methods, and you have already worked in cross-functional, self-organized teams
  • Experience with peer-to-peer and decentralised infrastructures is a plus
  • You are fluent in English; German is a plus
About us
The Company
polypoly is actually a group of three independent companies: the polypoly Cooperative, the first data cooperative in Europe and one of the few digital cooperatives in the world. Here, we build the polyPod, our open-source technology. An iOS/Android App to handle your personal data and the possibility to make money with it. The polypoly Enterprise, who's handling our B2B projects and software, and the polypoly Foundation, a non-profit organisation.

Hi! That's us, just changing the world for the better. A mission for a new, better economic system for data that is social, sustainable and independent. We are building the ecosystems for a decentralised data economy – from Europe, for Europe and later for the world. We are providing the necessary organisational and technical infrastructure, enabling citizens, entrepreneurs and public servants to make a smooth transition from a centralised to a decentralised data economy. Hey, nobody said it would be easy to change the world. But it's still fun! If you want to join our mission and change the world, we would love to meet you!

Working for polypoly
We are a pretty uncommon start-up. Yes, we are young and wild, maybe a bit chaotic and yet highly motivated. But... for a start-up, we also have a bunch of experts on board. For us at polypoly it's all about togetherness – the younger ones learn from professionals and the professionals get carried away by the fresh wind of youth, embrace their new ideas, and together we create something really big to make a change.

We may not have a fancy office with a ball pit, slide, fresh fruit and vegetables, and company yoga or massages, but we do have a highly flexible working model that you can design yourself 100% remote. Embrace your work-life-balance.

Everyone is welcome here – including you!

We are an open, diverse, inclusive and international team that stands together for each other and our vision. Sounds too good to be true? We mean what we say. We have not only made it our mission, for us it is a matter of course to offer everyone the same opportunities. Everyone can be themselves here. Regardless of gender, skin colour, sexual orientation, physical or mental stress and/or disability. And yes, it is sad to even have to mention it so specifically nowadays. But we do, because we care!

If you would like to see for yourself, you can simply ask us about it in advance. Get to know us and find out first-hand from team members who are in a similar situation maybe like you, what it's like to work at polypoly and finally be truly yourself again. Interested to enrich our team with your abilities and your spirit? If so, join us! We are happy to talk to you.

So we are an open, diverse, international team that stands together for each other and our vision. And sometimes we are a bit funny, too. But to put the sarcastic note aside a little: What do we offer you here, besides a good amount of humanity and a lot of fun?

We offer...
  • … you the possibility to contribute your experiences and are open to new ideas and fresh input
  • … flat hierarchies
  • … further development opportunities for professional and personal development
  • … creative freedom; no deadlocked structures
  • … a hands-on mentality
  • … an interesting and challenging job with a varied range of tasks
  • … you company devices (e.g. Apple MacBook Pro), and what's needed to keep them alive'n kickin'
  • … regular company workshops across Europe
  • … you to work with a team that continually shares knowledge and is not afraid of testing new solutions 

Deine Aufgaben
Wenn Du entweder ein Full-Stack-/Javascript-Entwickler mit starker IT-Sicherheits-Erfahrung oder ein IT-Sicherheitsingenieur bist der Code schreiben möchte, dann komm zu uns und hilf uns bei der Entwicklung der sichersten und privatsphäre-freundlichsten Web- und Javascript-Applikationen.

Ziele
  • Entwerfe, implementiere, teste und integriere grundlegende Sicherheits- und Privatsphäre-Funktionen in unseren polypoly-Produkten und der polypoly-Platform
  • Sei der "Security Champion" für das Entwicklungsteam
  • Verantwortlich für die operative Sicherheit Deiner Applikationen
  • Hilf uns bei der Sicherheitsautomatisierung unserer CI/CD-Pipeline
Betätigungsfelder
  • Arbeite als Teil des Entwicklungsteams an der Implementierung von Sicherheits- und Privatsphäre-Funktionen
  • Schreibe und pflege sicheren Code
  • Agiere als der "Security Champion" und betreue andere Entwickler bzgl. IT-Sicherheit und bei der Entwicklung von sicherem Code
  • Arbeite bzgl. Sicherheitsautomatisierung eng mit dem DevOps- und QA-Team zusammen
Dein Profil
Tools/ Skills
  • Gute Kenntnisse in einer oderer mehreren Programmiersprachen (Javascript/Typescript, Swift, Kotlin und Rust)
  • Nachgewiesene Erfahrung im Schreiben von sicherem Code und in der Implementierung von Sicherheits- und Privasphäre-Funktionen
  • Nachgewiesene Erfahrung in der Absicherung von Applikationen und APIs gegen XSS, CSRF und andere häufige Angriffe
  • Erfahrung mit Web-Sicherheitstechnologien, -Standards und -Protokollen wie z.B. HTTPS, TLS, and CSP
  • Erfahrung in der Nutzung von SCA/SAST/DAST-Werkzeugen
  • Kenntnisse von agilen Entwicklungmethoden und Erfahrung bei der Arbeit in funktionsübergreifenden und selbstorganisierten Teams
  • Erfahrung mit Peer-to-Peer und dezentralisierten Infrastrukturen ist ein Plus
  • Du sprichst fließend Englisch; Deutschkenntnisse sind ein Plus
Über uns
The Company
polypoly is actually a group of three independent companies: the polypoly Cooperative, the first data cooperative in Europe and one of the few digital cooperatives in the world. Here, we build the polyPod, our open-source technology. An iOS/Android App to handle your personal data and the possibility to make money with it. The polypoly Enterprise, who's handling our B2B projects and software, and the polypoly Foundation, a non-profit organisation.

Hi! That's us, just changing the world for the better. A mission for a new, better economic system for data that is social, sustainable and independent. We are building the ecosystems for a decentralised data economy – from Europe, for Europe and later for the world. We are providing the necessary organisational and technical infrastructure, enabling citizens, entrepreneurs and public servants to make a smooth transition from a centralised to a decentralised data economy. Hey, nobody said it would be easy to change the world. But it's still fun! If you want to join our mission and change the world, we would love to meet you!

Working for polypoly
We are a pretty uncommon start-up. Yes, we are young and wild, maybe a bit chaotic and yet highly motivated. But... for a start-up, we also have a bunch of experts on board. For us at polypoly it's all about togetherness – the younger ones learn from professionals and the professionals get carried away by the fresh wind of youth, embrace their new ideas, and together we create something really big to make a change.

We may not have a fancy office with a ball pit, slide, fresh fruit and vegetables, and company yoga or massages, but we do have a highly flexible working model that you can design yourself 100% remote. Embrace your work-life-balance.

Everyone is welcome here – including you!

We are an open, diverse, inclusive and international team that stands together for each other and our vision. Sounds too good to be true? We mean what we say. We have not only made it our mission, for us it is a matter of course to offer everyone the same opportunities. Everyone can be themselves here. Regardless of gender, skin colour, sexual orientation, physical or mental stress and/or disability. And yes, it is sad to even have to mention it so specifically nowadays. But we do, because we care!

If you would like to see for yourself, you can simply ask us about it in advance. Get to know us and find out first-hand from team members who are in a similar situation maybe like you, what it's like to work at polypoly and finally be truly yourself again. Interested to enrich our team with your abilities and your spirit? If so, join us! We are happy to talk to you.

So we are an open, diverse, international team that stands together for each other and our vision. And sometimes we are a bit funny, too. But to put the sarcastic note aside a little: What do we offer you here, besides a good amount of humanity and a lot of fun?

We offer...
  • … you the possibility to contribute your experiences and are open to new ideas and fresh input
  • … flat hierarchies
  • … further development opportunities for professional and personal development
  • … creative freedom; no deadlocked structures
  • … a hands-on mentality
  • … an interesting and challenging job with a varied range of tasks
  • … you company devices (e.g. Apple MacBook Pro), and what's needed to keep them alive'n kickin'
  • … regular company workshops across Europe
  • … you to work with a team that continually shares knowledge and is not afraid of testing new solutions 

We look forward to hearing from you!
Thank you for your interest in polypoly. Please fill out the following short form. Should you have any difficulties with uploading of your data, please send an email to people@polypoly.net.

Please upload your CV and optionally a short cover letter and any recent certificates (max. 20 MB in total).

Click to select multiple files or use drag-and-drop
Click to select multiple files or use drag-and-drop
Click to select multiple files or use drag-and-drop
Click to select multiple files or use drag-and-drop

Uploading document. Please wait.