Security Engineer

Who are we?

Who are we?

Channable is the beacon in a complex eCommerce landscape. Where eCommerce can be as tangled as a bowl of spaghetti, we make it a piece of cake. We provide an intuitive simple-to-use solution for both data feed management and PPC which enables online retailers, brands, and agencies to sell and advertise globally. Today, 6000+ global customers continue to boost their business to the next level using Channable’s solution.

In 7 years the Dutch startup has rapidly grown into a company with an international team of over 150 young professionals. We are the market leader in Benelux and are now conquering the rest of the world, with teams for the US, DACH, Nordics, UK, Iberia, France, and Italy, based in our office in Utrecht. While we still have a scale-up vibe, working at Channable also means being part of a professional company with a highly skilled development team.

We are now looking for a Security engineer who likes the challenge of a continuously rescaling environment.


How we develop software

We have a strong engineering culture with a focus on correctness, reliability, and maintainability of our code. We have a number of services written in Python and in Haskell. Each service exposes a REST API and our services are composed together in a service-oriented architecture in which we can continuously improve each service.

We employ a continuous integration pipeline that allows us to quickly and safely deploy features, updates and fixes several times per day. Our infrastructure is running on Google Compute Engine and we strive to automate each part of the software development process as much as possible.

Job description

What will your role be?

As part of our DevOps team, you will work on maintaining and improving the security of our infrastructure and applications. You will also help us respond to immediate threats and vulnerability reports, assess them, and either implement solutions yourself or design how they could be implemented. You are familiar with OWASP and related security terminology.

Summarized, your tasks will include (but will not be limited to) the following:

  • Hardening and securing our internal and external systems;
  • Reviewing PRs from other teams from a security perspective;
  • Teaching other developers about security best practices;
  • Reviewing bug bounty submissions and assessing their severity;
  • Improving and maintaining our monitoring and alerting systems;
  • Ensuring technical compliance with regulations such as the GDPR;
  • Occasional internal pentesting;
  • Developing new tools that help us improve and run our infrastructure.

If you want to read more about our development adventures, check out our tech blog: https://tech.channable.com/

You can also take a look at some of our open-source work at https://github.com/channable to get a feeling of how we work together and what our code looks like.

Who are we looking for?

Ideally, you have extensive experience in (web) application security and Linux security. You should be interested in operations and in keeping a complex distributed application running and secure at all times. And you can identify yourself with our core values. In more concrete terms, we expect you to have the following:

  • Committed to high engineering standards
  • Knowledgeable on OWASP best practices and principles
  • Familiar with cryptographic primitives (Hashing, symmetric- and asymmetric encryption, PKI, etc.)
  • Good understanding of networking concepts and protocols (SSH, DNS, SSL/TLS, HTTP, etc.
  • Knowledge of secrets management technologies, such as Hashicorp Vault
  • Security-awareness and familiarity with concepts like defense-in-depth and the principle of least privilege
  • Solid programming skills (preferably in either Python or Haskell)

And then there are some things that are ‘nice to have’:

  • Experience in managing infrastructure with either GCE, AWS, or Azure
  • Familiarity with infrastructure as code tooling, such as Ansible and Terraform
  • Knowledge of other Hashicorp tools, e.g., Consul
  • Having used a functional programming language like Haskell or Scala
  • Experience using the Nix package manager
  • Hands-on experience with distributed systems

Candidates of all levels are encouraged to apply. Our preference is to hire a candidate with at least a few years of experience, but we’re also open to applications from recent graduates.

Practical requirements

  • EU citizenship or a work permit, preferably already living in The Netherlands
  • Available for at least 4 days a week, preferably full-time

What do we offer?

  • Salary of 3000-6800 euros based on your experience
  • Career structure with clearly defined levels and steps
  • Challenging full-time function with space for personal initiative
  • Work within a multi-disciplinary DevOps team, with other specialists
  • Colleagues who are knowledgeable about SQL and Postgres in particular
  • Unique scaling challenges, helping us to push Postgres to its limits
  • Career opportunities within Channable
  • Working for a fast-growing company with a young and ambitious team
  • Awesome office in the city center of Utrecht and activities like hackathons and sports groups.

"What’s great about DevOps at Channable is the innovation and the culture. You get to work with cool new technologies and find solutions to new challenges. It’s a quickly growing company, where engineering and people are central. Everything you hear about the great culture is true: the colleagues are super helpful, you learn quickly and the parties are great fun."

- Tijmen de Jong, DevOps Engineer

Sounds interesting?

Send us your cv, motivation letter and web presence by clicking on the 'apply now' button. We will respond within 5 working days. The procedure includes two rounds of (online) interviews. Do you have any questions about this vacancy? Please contact Mart (mart.vreeswijk@channable.com).

Do you want to see more of Channable and your future colleagues? Check out our social media channels like InstagramLinkedin and our page about Channable's culture.

Contact by job agencies and recruiters will not be appreciated. Each recruiter or headhunter who approaches us agrees with a donation of € 250,- for Make-A-Wish.