SecOps Engineer (AppSec)
New
Every city in BrazilFull-TimeMiddle
Salary not disclosed
Apply NowOpens the employer's application page
Job Details
- Languages
- Advanced English
- Required Skills
- AWSNode.jsPythonJavaGitHub
Requirements
- Graduation complete or in progress in IT courses or related areas
- Previous experience as an AppSec Engineer or Penetration Tester with Cloud Security capabilities
- Strong GitHub knowledge
- Strong script languages knowledge (Python and Shell Script)
- Experience in reviewing and implementing internal processes and controls, and managing security projects
- Knowledge in cybersecurity, with focus on cloud security, infrastructure, and monitoring
- Previous experience with Amazon AWS
- Knowledge of the PTES, OSSTM, OWASP, and NIST CSF
- Desirable Java and/or Node.js knowledge
- Offensive security certifications like OSCP, eCPPT or others (a plus)
- Advanced English
Responsibilities
- Protect the confidentiality, integrity, and availability of applications, services, data, and cloud infrastructure
- Identify, analyze, and mitigate vulnerabilities
- Provide support, guidance, and education to the DevOps Team, application owners, and other areas
- Plan, manage, and execute remediation efforts
- Assist with the development of application security test plans
- Research, evaluate, and recommend new and existing tools and techniques
- Collaborate with threat detection and incident response when responding to security threats
- Provide documentation on vulnerability and risk analysis for security audits
- Develop and implement application security processes, including identifying application security weaknesses, developing security strategies, and performing penetration tests
- Develop and implement security-related standards, policies, and procedures
- Analyze security data to identify and mitigate potential threats
- Perform internal security audits
- Conduct internal penetration tests and vulnerability assessments, as well as develop remediation plans for findings
- Create and manage risk analysis documentation
- Manage the development of security metrics and reports
- Manage the architecture and implementation of information security best practices
- Maintain a security engineering knowledge base
View Full Description & ApplyYou'll be redirected to the employer's site
