This website uses cookies to ensure you get the best experience.

GlobeSearch A/S and our selected partners use cookies and similar technologies (together “cookies”) that are necessary to present this website, and to ensure you get the best experience of it. If you consent to it, we will also use cookies for analytics purposes.

See our Cookie Policy to read more about the cookies we set.

You can withdraw and manage your consent at any time, by clicking “Manage cookies” at the bottom of each website page.

Select which cookies you accept

On this site, we always set cookies that are strictly necessary, meaning they are necessary for the site to function properly.

If you consent to it, we will also set other types of cookies. You can provide or withdraw your consent to the different types of cookies using the toggles below. You can change or withdraw your consent at any time, by clicking the link “Manage Cookies”, which is always available at the bottom of the site.

To learn more about what the different types of cookies do, how your data is used when they are set etc, see our Cookie Policy.

These cookies are necessary to make the site work properly, and are always set when you visit the site.

Vendors Teamtailor

These cookies collect information to help us understand how the site is being used.

Vendors Teamtailor
Skip to main content
Avallone · GlobeSearch

Senior Software Engineer - Application Security

Avallone is seeking a Senior Software Engineer with a strong security mindset to strengthen the foundations of Avallone’s platform.

JOB DESCRIPTION

Avallone is seeking a Senior Software Engineer with a strong security mindset to strengthen the foundations of Avallone’s platform. This is a hands-on engineering role focused on building robust guardrails that keep customer data correctly isolated (across tenants and within a tenant), observable, and debuggable. The role focuses on preventive platform controls that make security a built-in property, not a convention or a manual approval gate.

In this position, the successful candidate will be expected to reduce complex systems to clear constraints and invariants, enjoy building shared abstractions and libraries that raise the floor for everyone, and move comfortably between high-level design and hands-on implementation. A key part of the role is ensuring non-functional security requirements are defined early and carried through from architecture and implementation to release and incident learnings.


Technically, Avallone builds with modern tooling to stay efficient and effective, including TypeScript as the main language, Node/Nest.js for backend development, and React with Mobx on the frontend. The infrastructure relies on AWS, managed with Pulumi, while GitHub Actions helps streamline CI/CD pipelines. The role is based in Copenhagen and reports to the CTO.


Your primary tasks and areas of responsibility:

  • Own platform guardrails that ensure strong data isolation guarantees and secure-by-default behavior across the product.

  • Design and implement authorization mechanisms (RBAC and FGA where needed) with consistent enforcement across all access paths.

  • Build security execution primitives, including secure-by-default building blocks for queries, sharing flows, jobs, imports, and bulk or destructive actions.

  • Strengthen logging, metrics, and tracing for critical paths to ensure end-to-end observability and fast debugging when things go wrong.

  • Own and drive Avallone’s security program in partnership with the CTO, including SOC 2 Type II readiness, control implementation, evidence collection, and continuous improvement (with a pragmatic, engineering-first approach).

  • Act as incident security lead when needed: coordinate investigation and containment, communicate clearly, drive post-mortems and corrective actions, and ensure learnings are translated into durable preventive controls.

  • Translate incident learnings into preventive controls, regression tests, and targeted Secure SDLC practices, including lightweight gates for high-risk changes and targeted test strategies.



REQUIRED SKILLS AND EXPERIENCE


The ideal candidate is expected to have an education at BA or MA level, but experience from a similar role is more important.


Furthermore, you are expected to have:

  • Significant experience (typically 5+ years) as a backend or platform engineer working on a production SaaS product.

  • Strong proficiency with a typed backend language (TypeScript/Node, Java, C#, Go, or similar), relational databases, and query layers (ORMs and/or SQL).

  • Experience working in modern cloud environments (ideally AWS) and CI/CD pipelines.

  • Hands-on experience designing and implementing access control and data isolation in real systems.

  • A strong security mindset, including thinking in terms of threats, blast radius, invariants, and failure modes, and familiarity with common web application security risks (for example, OWASP Top 10).



COMPANY DESCRIPTION


Avallone was built to fix the way KYC works for modern businesses. Avallone identified a global, growing problem: an essential process that was time-consuming, inconsistent, and full of risk. The company was built around solving this KYC challenge.


Founded in 2020 by Anders Meinert Jørgensen, Martin Albertsen, and Thomas Helms, Avallone combines deep regulatory expertise with modern, intuitive technology to simplify how KYC information is exchanged between counterparties. Avallone deliberately chose this space because it is difficult, important, and underserved, and that is exactly where Avallone believes the biggest impact can be made.


Since launch, Avallone has grown into a trusted partner for organizations navigating complex compliance workflows. With secure infrastructure, flexible tools, and responsive services, Avallone helps teams save time, reduce risk, and stay in control, while contributing to the broader fight against financial crime.


Avallone’s mission is to empower corporates, funds, and banks to seamlessly exchange KYC information through innovative technology and deep expertise. Avallone works with customers including Novo Holdings, Urban Partners, Agreena, Ava Labs, aip, SMEDVIG CAPITAL, and Save the Children.



ADDITIONAL INFORMATION

Reporting to: CTO

Languages: English

Compensation package: Attractive compensation package according to qualifications

Starting date: ASAP

Location: Copenhagen (on-site)



APPLICATION


GlobeSearch is responsible for the recruitment process on behalf of Avallone. To apply for this position please follow the process through the job posting on our website.


Afdeling
Avallone
Picture of Tomas Talbro
Contact Tomas Talbro Partner
Avallone · GlobeSearch

Senior Software Engineer - Application Security

Avallone is seeking a Senior Software Engineer with a strong security mindset to strengthen the foundations of Avallone’s platform.

Loading application form

Applicant tracking system by Teamtailor