Remotery

AppSec, DevSecOps Engineer – Mid

Posted May 12

This is a fully remote position, open to applicants in Brazil.

📋 Description

• Act as a technical authority for Application Security (AppSec) and DevSecOps, integrating security throughout all phases of projects.

• Incorporate security measures into the software development lifecycle (Secure SDLC / Shift Left).

• Create, standardize, and uphold secure, reusable, automated, and version-controlled CI/CD pipelines.

• Apply DevSecOps practices and controls within continuous delivery processes.

• Execute risk assessments, threat modeling, and security evaluations for applications and architectures.

• Conduct triage, analysis, and vulnerability management, assisting developers in resolving issues.

• Manage and operate SAST, DAST, SCA, container security, and Infrastructure as Code (IaC) tools.

• Carry out security-centric code reviews, particularly for .NET Core and Node.js applications.

• Work within Cloud environments, assessing architectures and security measures.

• Ensure compliance with governance and regulatory standards such as ISO 27001, SOC 2, and PCI DSS.

• Develop scripts and automations for security controls and SIEM/SOC integration.

• Foster advocacy, mentorship, and training for technology teams in secure development practices.


⛳️ Requirements

• Extensive experience in Application Security (AppSec) and/or DevSecOps.

• Practical knowledge of Secure SDLC and Shift Left methodologies.

• Proficient with CI/CD pipelines (e.g., Azure DevOps, GitHub Actions, GitLab CI, Jenkins).

• Familiar with SAST, DAST, and SCA tools.

• Understanding of .NET Core and Node.js for code assessment and review.

• Background in vulnerability assessment and remediation.

• Knowledgeable in Cloud Computing (AWS, Azure, or GCP).

• Familiar with containerization (Docker/Kubernetes) and IaC (Terraform, ARM, CloudFormation).

• Strong grasp of secure architecture and Threat Modeling principles.

• Relevant security certifications (e.g., CSSLP, CEH, Security+, AZ-500, AWS Security).

• Previous involvement with SIEM/SOC.

• Familiarity with OWASP Top 10, ASVS, and SAMM.

• Experience in regulated or high-criticality environments.


🏝️ Benefits

People also viewed

Waymark3 days ago

Senior DevOps Engineer

US flagAlabama, +12 more statesFull-timeDevOps & Site Reliability Engineer (SRE)$109k – $194k/year
ApplyView job
EITACIES Inc.5 days ago

Kubernetes Site Reliability Engineer

US flagUnited States OnlyFull-timeDevOps & Site Reliability Engineer (SRE)$60 – $64/hour
ApplyView job
N2JSoft, administrative and HR softwares6 days ago

DevOps confirmé

FR flagFrance OnlyFull-timeDevOps & Site Reliability Engineer (SRE)€60k/year
ApplyView job
It's Prodigy6 days ago

DevOps Engineer, Cloud

Anywhere in the WorldFull-timeDevOps & Site Reliability Engineer (SRE)
ApplyView job
WeSoftYou Inc.6 days ago

DevOps Engineer – Part-Time

UA flagUkraine OnlyPart-timeDevOps & Site Reliability Engineer (SRE)
ApplyView job
Experian6 days ago

Mid Cloud Product Reliability Engineer

BR flagBrazil OnlyFull-timeDevOps & Site Reliability Engineer (SRE)
ApplyView job

Never miss a great job!

Get handpicked remote jobs straight to your inbox weekly.

Trusted by 7,400+ designers