Senior AppSec Engineer

Department: Engineering & Product

Location: Amsterdam Office

Employment Type: FullTime

Hi! I’m Ivan, Engineering Manager for the Platform team at WeTravel. I joined WeTravel because I believe travel can be a force for good and mutual understanding. My team builds the foundations that let organizers run their business with confidence: reliable infrastructure, safe defaults, and systems we can trust as we scale.

About WeTravel

Think of the most incredible adventures imaginable: trekking to Machu Picchu, cycling through Tuscany, or going on a safari in Kenya. For years, the small businesses and local experts who run these trips have been stuck using messy spreadsheets, countless emails, and complicated payment methods.

WeTravel is changing that. We build the tools that empower any entrepreneur to launch and grow their own travel business. Our platform makes it simple for organizers to create beautiful trip proposals, securely process payments, and manage their customers, so they can focus on what they do best: creating amazing experiences.

This is one of the last great frontiers of travel to come online, and as the category leader, we are at the forefront of this change. Last year alone, our platform was trusted by 8,000 organizers to lead over a million travelers on adventures in 150+ countries. Now, we’re on a journey to grow from powering $1B to $10B in travel experiences per year.

We believe that every trip, when done right, can be a force for good, and we’re building the engine to make more of that possible.

What’s the role

We are hiring a Senior Application Security Engineer (AppSec).

This is one of our most critical roles, and it’s the first dedicated AppSec hire at WeTravel. It’s a strategic hire that will shape how we build security going forward.

This role is for you if:

• You want a challenge that lets you take ownership and help move a company toward stronger security foundations

• You’ve worked a lot with software engineers, and ideally you come from a software engineering background and know how to code

• You can lay the foundations for how AppSec will work here, and help scale it over time
  

The challenge: we need someone who can help practically secure our SaaS product while we keep moving fast. You will help build security foundations and influence mindset across teams.

We have two business use cases for this role:

• Application security: help secure the code by building systems that automatically find security bugs and help teams fix them

• Platform and infrastructure security: understand platform and infrastructure security well enough to cover both sides, because we are not hiring two roles right now
  

We are looking for the middle ground. Someone balanced. Not 100% infrastructure focused, and not someone who only knows application security but cannot connect to infrastructure topics.

What you’ll do day to day

• Work closely with the Platform team to improve security across infrastructure

• Work closely with product engineering teams to analyze code for vulnerabilities

• Build CI/CD automation to find security issues automatically

• Analyze what we have today, find gaps, take ownership, and execute on improvements

• Help shift engineering mindset to be more security focused, without blocking development
  

What success looks like

In the first 6 to 12 months, success will be measured through:

• Planning and execution on the work you identify after assessing our current state

• Clear recommendations and real delivery on improvements
  

How we work

We’re focused on impact. We don’t subscribe to any one framework or execution ideology, and we adapt based on what’s impactful.

You should apply if you have

Must have

• Experience securing SaaS product environments

• Experience in cloud native and containerized environments

• Strong CI/CD experience

• Ability to read and review code (you do not need to write application code for us day to day)

• Experience working with software engineers

• Hands on security engineering experience with strong ownership and delivery

Nice to have

• Experience in organizations with PCI DSS
  
  

Location

• Amsterdam is the first focus

• We are open to hiring across Europe for the right candidate
  
  

Benefits

• Competitive salary

• Generous "Time to Recharge" policy — enjoy unlimited paid time off to rest, recharge, and show up as your best self.

• Work remotely for a maximum of 4 weeks per calendar year.

• 2-week cross-functional onboarding program.

• Cycle-to-work scheme (Swapfiets subscription) or commuting reimbursement.

• Tuesday team lunches and after-work social events.

• Beautiful office in central Amsterdam – rooftop garden and right by Rokin metro.

• Extensive paid family leave.

• Three paid volunteer days per year — take time to give back to causes you care about, on us.

• Cutting-edge equipment and tools to set you up for success.

• Join an international, travel-loving team with a passion for adventure and innovation.

• Employer-sponsored pension plan with a 2% employer contribution deposited into your individual pension account.

• Access to a 10% group discount on supplementary/additional health insurance (aanvullende verzekeringen), with the same discount available to eligible family members.
  
  
  

Equal Opportunities

WeTravel is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We welcome applicants from all backgrounds, experiences, and perspectives. If you're excited about this opportunity and believe you're a good fit, we encourage you to apply and join us in transforming the travel industry!