Mid-level Application Security Analyst (Analista de Application Security Pleno) ensuring code integrity and security at Evertec, a tech company for the financial sector in Brazil. Responsible for security scanning, remediation support, and CI/CD integration.
Responsibilities
Security Scanning: Operate SAST (static), DAST (dynamic) and SCA (dependency) tools, performing critical analysis of results to eliminate false positives.
Remediation Support: Act as a consultant to developers, explaining identified vulnerabilities and recommending fixes based on secure coding best practices.
CI/CD Integration: Maintain and configure security gates in development pipelines to ensure analyses run automatically.
Code Review: Conduct security-focused code reviews of critical code sections, searching for logical errors and common security flaws.
Support for Security Champions: Assist security focal points within squads, answering technical questions and participating in development ceremonies.
Technical Documentation: Keep secure development manuals and the company's vulnerability knowledge base up to date.
Requirements
Experience with AppSec Tools: Hands-on experience with at least one market-leading tool (e.g., Snyk, Checkmarx, SonarQube, Fortify, or Burp Suite).
Development Knowledge: Technical ability to read code in languages common in the financial market (such as Java or .NET) and to understand API logic.
Security Standards: Familiarity with the OWASP Top 10 and vulnerability analysis methodologies.
DevOps Knowledge: Basic understanding of pipelines (Jenkins, GitHub Actions, or GitLab) and how security fits into them.
Bachelor's degree in Technology or Information Security.
The following are a plus:
Financial sector experience: Knowledge of electronic transaction flows or banking security standards.
Basic automation: Knowledge of Python or Bash for creating small automation scripts.
Container security: Familiarity with Docker and Kubernetes security.
Certifications such as CompTIA Security+, eWPT, or specific OWASP training.
Benefits
Meal or food allowance;
Flexible Benefit (Flash);
Health insurance;
Partners for psychological, legal, financial and nutritional services (CLUDE, C4LIFE and ASQ);
Psicologia Viva (mental health support service);
Dental care;
Childcare allowance;
Support for children with special needs;
Fertility treatment assistance;
Extended maternity and paternity leave;
Commuting allowance or Home Office allowance (for remote contracts);
Gympass (Wellhub) and TotalPass;
Flexible working hours;
Life insurance;
Partnership club;
Partnership with Sesc;
Just dress — no dress code;
Day off on your birthday;
Scholarship (education incentive program);
PPR or bonus — subject to achievement of targets and results.