Application Security Analyst

This is a fully remote position, open to applicants in Portugal.

📋 Description

• Operate and oversee security scanning tools, such as SAST, SCA, IaC, and Container Scanning (specifically Veracode, GHAS, and Hackuity).

• Assess and prioritize vulnerabilities found in code, delivering actionable insights and supporting remediation efforts alongside development teams.

• Integrate security protocols into CI/CD pipelines using tools like Git, Azure DevOps, and GitHub.

• Promote a culture of secure coding by leading developer communities, generating awareness content, and facilitating onboarding for new projects within the AppSec program.

• Maintain independence in coordinating the implementation of security measures across targeted projects, ensuring adherence to the OWASP Top 10.

⛳️ Requirements

• Demonstrated experience in Application Security, particularly in vulnerability detection and management throughout the SDLC.

• Strong practical knowledge of programming languages such as JavaScript, .NET (C#), Python, and Java.

• Expertise with SAST/SCA platforms (experience with Checkmarx or Veracode is highly regarded).

• Comprehensive understanding of the OWASP Top 10 and secure coding methodologies.

• Familiarity with CI/CD pipelines, Git workflows, and cloud-native security principles.

• Proficiency in English (minimum B2 level) to collaborate effectively in an international nearshore setting.

🏝️ Benefits

• Employees can work remotely.