We are one of the leading technology groups in Italy. We operate as a Business & Technology Accelerator for companies, financial institutions, and public sector organizations, supporting the evolution of their IT and digital strategies. Through an ecosystem of companies that share values, business strategies, and a common vision, we enable our clients to unlock the full potential of technology, amplifying its positive impact on both the economy and society.

What to expect

We are looking for a “Security Champion” to join our Product Engineering team. If you are a “FinTech Survivor” who loves strict code reviews and “Zero Trust” environments but is tired of the slow pace of traditional banking, this role is for you. You won’t just be patching vulnerabilities; you will design the secure architecture that protects our customers’ most sensitive financial data.

As a Senior Backend Engineer, you will act as the “Anchor” for our FinTech domain. You will own the server-side logic with a specific mandate: ensure our system is secure by design. You will build the “secure pipes” that deliver data to our AI models, ensuring compliance with federal audits (SOC2, GLBA) without slowing down innovation.

What you will do

• You will design systems where no component trusts another by default, defining strict encryption standards (at rest/in transit) and enforcing data segregation between tenants.

• You will write code that mitigates OWASP Top 10 risks (SQLi, XSS) by design, rather than fixing them after the fact.

• You will implement robust Authentication and fine-grained Authorization mechanisms using protocols like OAuth2, OIDC, and RBAC/ABAC.

• You are responsible for building immutable logging systems where every API call and database access is traced and searchable to satisfy federal audits.

• You will build data anonymization pipelines that strip PII from banking data before it reaches our Data Scientists, ensuring they can work safely.

• You will proactively update dependencies and refactor code based on security scanning results (SAST/DAST).

What we expect from you

• 5+ years of experience in backend development.

• A strong track record in regulated industries (FinTech, HealthTech, Insurance) or cybersecurity engineering.

• Proficiency in designing Microservices, Event-Driven architectures, or Modular Monoliths.

• Expert skills in API Design (REST, GraphQL, gRPC) and Testing Frameworks.

• Deep knowledge of Application Security (OWASP Top 10), Cryptography standards, and Identity Protocols (OAuth2, OIDC, SAML).

• Someone used to strict code reviews and handling PII, but looking for a faster startup environment.

• A developer who naturally gravitates towards security tickets and always spots the XSS vulnerability in code reviews.

• Experience building audit trails for SOC2 or GDPR.