INTRO

At Pleo, we’re on a mission to revolutionise the way businesses manage company spending. No more outdated processes, clunky spreadsheets, or frustrating delays – we believe spend management should be seamless, empowering, and surprisingly effective for finance teams and employees alike. We’re creating tools that promote autonomy, foster trust, and let businesses focus on what truly matters.
Our culture is built on transparency, collaboration, and a deep commitment to innovation – which is reflected in our spending solution. At Pleo, you’ll join a passionate team shaping the future of work, all while having some fun along the way.About the role
We’re looking for a Senior Application Security Engineer to join our Security team at Pleo. In this role, you’ll help shape the future of application security at Pleo and be part of the wider effort to protect our customers’ money and data as we scale. If you’re excited about applying security in pragmatic, scalable ways – and are passionate about building resilient financial products – then this is the opportunity for you!

GOT ANY QUESTIONS?

Read our FAQ
Apply for this role
We’re looking for new friends, gifted minds, team players, restless talents and passionate problem solvers.
First Name
Last Name
Email
Phone
+44
Resume/CVAttach
(File type: pdf, doc, docx, txt, rtf), max 5MB
Cover LetterAttach
(File type: pdf, doc, docx, txt, rtf), max 5MB
LinkedIn Profile
Website
Github
Tell us: Why Pleo? Why this job? And Why you?
Something that got you excited recently?
Do you have the legal right to work in your country of choice?
Do you now or in the future require any visa support from Pleo to continue/begin living and working within your country of choice?
What location would you be working from?
I accept the Terms of Service and Privacy Policy
Submit
Some more roles for you…
And it doesn’t stop there. Why not have a browse at our other open roles in this department?
People Partner - Mat Cover
Remote
Procurement Specialist
Lisbon, Madrid
Business Development Associate DACH
Lisbon
See more roles
How Pleo hires
-
1
The first call(s)
Let’s get to know each other. We want to find out more about you, your motivations, and give you more information about the role.
-
2
The challenge
The task is deliberately open-ended and based on something you’ll actually work on. There are no right or wrong answers here.
-
3
The team interview
Expect to share a (virtual) meeting room with two to three people you’ll work with regularly if you get the job.
-
4
The final interview
A call with someone in leadership who’ll walk you through the big picture and chat about how your role will figure into that.
Find out more

WHAT YOU’LL BE DOING

As an Application Security Engineer, you will:

• Partner with engineering teams to design and review secure technical solutions.
• Dive deep into authentication, encryption, and partner integration security topics.
• Help triage and resolve issues identified through our bug bounty program.
• Guide developers on secure coding practices and help fix identified vulnerabilities.
• Support GRC and DevOps teams with automation and security controls in our CI/CD pipelines.
• Help plan, prioritise, and own the Application Security roadmap.
• Drive long-term security initiatives that balance automation, compliance, and access needs.

HOW YOU’LL DEVELOP IN THIS ROLE

In your first 6 months at Pleo, you’ll:

• Lead and refine our Application Security roadmap.
• Drive improvements in secure development practices across engineering teams.
• Shape and execute long-term security initiatives that support scalable product growth.

We’re committed to helping you develop your career, whether that means taking on bigger projects, mentoring others, or expanding your expertise into new areas.

You’ll thrive in this role if you have:

• Strong communication skills and a pragmatic approach to security.
• Experience working closely with developers and product teams.
• Proficiency in at least one server-side language – we mainly use Kotlin and TypeScript.
• Expertise in code review and dynamic testing to identify security flaws.
• A deep understanding of security libraries, controls, and common vulnerabilities.
• Subject matter expertise in at least one technical area of application security.
• A passion for learning and solving unfamiliar or complex problems creatively.
• The ability to approach problems with honesty, curiosity, and clarity