Analista de Segurança da Informação Sr – APP SEC

This is a fully remote position, open to applicants in Brazil.

📋 Description

• Structure and enhance practices for Secure Software Development Life Cycle (S-SDLC)

• Conduct threat modeling for applications and APIs

• Implement and manage security tools: SAST, DAST, SCA, IAST

• Perform code analyses focusing on vulnerabilities and security best practices

• Manage vulnerabilities, including identification, prioritization, risk analysis, and remediation tracking

• Integrate security controls into CI/CD pipelines

• Support development teams in adopting DevSecOps practices

• Work with security in Cloud environments (AWS, Azure, or GCP)

• Implement security best practices in containers and orchestration: Docker, Kubernetes

• Collaborate with edge protection solutions: WAF, API Gateway, IDS/IPS, Next Generation Firewall

• Assist in hardening initiatives, network segmentation, and access control

• Ensure compliance with frameworks and standards such as: OWASP Top 10, OWASP ASVS, OWASP SAMM, ISO 27001/27002, NIST Cybersecurity Framework

⛳️ Requirements

• Proven experience of at least 3 years in Application Security

• Practical experience with AppSec, DevSecOps, and security in development

• Knowledge of CI/CD pipeline automation with a focus on security

• Experience with vulnerability analysis tools and code review

• Understanding of application architecture, APIs, and microservices

• Experience with cloud environments and containers

• Knowledge of Git and versioning workflows

• Familiarity with incident management and security risk analysis

🏝️ Benefits

• Medical and dental insurance.

• Life Insurance.

• Meal Allowance/Meal Voucher.

• Transportation Voucher.

• Discount Club.

• Access to Wellhub (gyms) and Mente Tranquila.

• Discounts on Positivo products.

• Partnership with a University.

• And much more.