Application Security Manager at Evertec, handling security strategy and implementation in financial tech. Leading efforts in Application Security, DevSecOps, and compliance with financial regulations.
Responsibilities
Develop, implement, and maintain the Corporate Secure Development Program (SDL/SSDLC), ensuring security from design through production.
Define and evolve Application Security standards, including secure code review, guidelines, controls, libraries, and frameworks.
Lead Threat Emulation initiatives, Threat Modeling (STRIDE, DREAD, MITRE ATT&CK) and risk-driven offensive simulations.
Implement security pipelines in CI/CD using tools such as SAST, SCA, DAST and container scanning.
Assess, advise on, and track remediation of vulnerabilities identified in applications, APIs, microservices and integrations.
Conduct architectural reviews, supporting engineering teams in defining secure patterns.
Work with the Zero Trust model, ensuring applications and APIs follow strong authentication and authorization principles.
Create, maintain, and evolve security mechanisms for APIs, microservices and distributed applications.
Build automation and governance workflows in ticketing systems for requests, audits and AppSec demands.
Collaborate with engineering teams to identify, mitigate and prevent risks in code and architecture.
Perform and oversee internal offensive tests (Threat Emulation), such as targeted pentests, API exploitation and attack simulations.
Support development and SRE teams in applying patches, fixes and vulnerability mitigations.
Ensure compliance with financial market regulatory standards, including Central Bank regulations, NIST, ISO 27001, OWASP and audit requirements.
Manage continuous improvement initiatives, raise AppSec maturity levels and act as an internal technical reference.
Requirements
Proven experience in Application Security (AppSec), leading strategic and technical initiatives.
Hands-on experience with SDL/SSDLC and integrating security throughout the software development lifecycle.
Solid knowledge of offensive security applied to applications, including vulnerability analysis, secure code review, APIs and Threat Modeling.
Experience with DevSecOps practices and tools such as SAST, SCA, DAST and container scanning, with a focus on automation.
Good understanding of security standards and frameworks (OWASP, NIST, ISO 27001, Zero Trust).
Ability to perform architectural analysis and guide secure technical decisions for applications and APIs.
Experience managing multidisciplinary teams.
University degree.
Advanced English.
Benefits
Meal or food allowance;
Flexible Benefit (Flash);
Health insurance;
Partners for psychological, legal, financial and nutritional support (CLUDE, C4LIFE and ASQ);
Psicologia Viva;
Dental insurance;
Childcare assistance;
Support for children with special needs;
Fertility treatment assistance;
Extended maternity and paternity leave;
Transportation voucher or Home Office allowance (for telework contracts);
Gympass (Wellhub) and TotalPass;
Flexible working hours;
Life insurance;
Partnership club;
Partnership with Sesc;
Just dress — no dress code;
Birthday day off;
Beca (education incentive program);
Profit-sharing (PPR) or Bonus — based on achievement of goals and results.
Site Reliability Engineer ensuring reliability, automation, and observability across cloud infrastructures for Diligent. Leading initiatives to improve performance in fast-paced environments.
Senior DevOps Engineer leading DevOps design and implementation for gaming projects at Stillfront. Collaborating with international teams to enhance gaming infrastructure and reduce costs.
Mainframe DevOps Engineer at Kyndryl enhancing mainframe delivery practices and migrating SCM to Azure DevOps. Requires extensive Mainframe development experience and DevOps skills.
DevOps/MLOps Engineer designing, automating, and maintaining scalable infrastructure for federal client. Collaborating with software engineers and data scientists for resilient solutions.
Senior DevSecOps Engineer/Developer responsible for building Humana's software security platform. Modernizing architecture and managing CI/CD pipelines as part of core engineering team.
Senior Information Security Analyst focusing on DevSecOps for Unidas, a major mobility company in Brazil. Responsible for optimizing security governance processes and delivering secure software.
DevOps Manager overseeing scaling for Seekr's AI platform using Kubernetes, Terraform, and Ansible. Leading a hands-on team and collaborating with engineering for efficiency.
Back-End & DevOps Software Developer contributing to building digital products to change the world. Specializing in back-end development and command of DevOps ecosystem for robust infrastructure.