Cybersecurity Analyst - DevSecOps (Remote)

Minimun 4 years of experience in a similar role. Bachelor's or Master’s degree in Cybersecurity, Information Security, Computer Science, or a related field. Knowledge of security frameworks such as ISO 27001, NIST, PCI-DSS, OWASP. Strong understanding of cloud computing, networking, application development, cryptography, and code review, with expertise in AWS. Familiarity with attack and exploitation techniques related to operating systems, applications, and devices (MITTRE, OWASP, CompTIA Security+, CE, etc). Knowledge of endpoint security and experience with security tools such as Microsoft Defender, Azure, and Entra. Experience with vulnerability scanning tools (SonarQube, AWS Inspector, Qualys, Nessus, etc.) is a plus. Proficiency in programming and scripting languages such as Java and PHP. Ability to evaluate and manage security threats in structured environments. Strong analytical and problem-solving skills. Effective communication and collaboration skills with cross-functional teams. Experience creating and reporting KPIs related to cybersecurity. Relevant certifications (e.g., CompTIA Security+, CISSP, CEH) are a plus.

Work with operations and development teams to ensure security requirements are integrated and maintained within the infrastructure and the secure development life cycle Assess and mitigate security vulnerabilities across networks, applications, and cloud environments (AWS expertise required). Google Cloud knowledge is a plus. Conduct penetration testing to identify attack vectors and security weaknesses. Monitor, analyze, and manage security threats using endpoint protection tools such as Microsoft Defender, Azure, and Entra. Perform vulnerability assessments utilizing tools such as SonarQube, AWS Inspector, Qualys, Nessus, and others. Ensure security best practices for data and system protection are followed. Collaborate with development teams to review code and improve application security. Support incident response efforts by investigating and mitigating security incidents. Track and report cybersecurity metrics and KPIs for the Security Department. Work with ticketing systems like Jira to manage security-related tasks and incidents. Implement and maintain security frameworks, including ISO 27001, NIST, PCI-DSS.