This is a fully remote position, open to applicants in Brazil.

• Directly oversee the security of cloud environments and infrastructure.

• Take charge of security incidents, managing them from start to finish.

• Identify, assess, and mitigate risks associated with IAM and excessive permission levels.

• Handle secrets and control access to credentials.

• Manage the external exposure of services.

• Develop and enhance DevSecOps practices.

• Design and automate security controls within CI/CD pipelines.

• Collaborate with infrastructure as code (Terraform) to address vulnerabilities.

• Operate within container environments (Kubernetes/ECS) to ensure security and hardening.

• Establish monitoring, alerts, and security visibility (observability).

• Work in partnership with engineering teams to improve the security posture of applications.

• Practical experience with cloud platforms, preferably AWS.

• In-depth knowledge of IAM (roles, policies, and least privilege principles).

• Understanding of networking concepts (VPC, public exposure, security groups).

• Familiarity with infrastructure as code (Terraform).

• Experience with containers and orchestration technologies (Kubernetes and/or ECS).

• Proficiency in CI/CD pipelines.

• Implementation of security measures within pipelines, including SAST, DAST, and SCA.

• Experience with secret scanning methodologies.

• Familiarity with observability and monitoring tools.

• Background in security incident response.

• National Bradesco health plan (eligible).

• Paid time off and a flexible benefits card (Caju).

• Stock options available based on the candidate's interest in this type of equity.

• Meal allowance benefits.

DevSecOps Engineer

People also viewed