Application Security Engineer 🔎🕵🏻 Threat Modeling 🌎 US-based Product Company
Prometeo Talent
São Paulo - SP
Permanente
Período integral
Há 23 dias
About Us:Prometeo Talent is a #1 rated Recruitment Agency spread throughout America and Europe. 🌎✨ We excel in connecting companies with exceptional tech and engineering professionals. 💼🚀 Our HR and recruitment professionals are always ready to help companies and people find their right match. 🤝💙We have partnered with a US-based Product Company looking to expand their team. 🚀🌐 They develop management products that help lots of companies worldwide improve their efficiency and streamline their work. 🌐💼They have a global team and are currently interested in hiring someone based in Colombia, Brazil or Ecuador 🌎🌟Our Proposal:🔒 We are looking for an Application Security Engineer role🔑! It's not just any job, it's about company-wide 🌟 visibility! You'll be the shield 🛡️ ensuring our 10,000+ customers stay safe in the Managed-Service-Provider world and in corporate IT domains.💼 Working closely with our client development, platform, and product teams, you'll embed security 💡 into every stage of our product lifecycle. We need someone who's a ninja 🥷 at defining security requirements, conducting app security assessments, and guiding developers through fixes. One day you're assessing a new system, the next you're coaching on best practices. 🚀👨🏫 Not only will you be the guardian of security, but you'll also be a mentor and leader 🌟 to our junior team members, guiding them to become security experts in their own right.Responsibilities:🔍 Anticipate possible security threats and identify areas of weakness in Ninja’s environments and software.🤝 Partner with Ninja Engineering to perform code analysis of large applications manually and with the assistance of SAST and DAST tools.🔍 Partner with engineering in triaging the reported findings by SAST, DAST, SCA, SBOM, and similar products to reduce potential False-positive rates.🏛️ Perform security architecture design reviews of our products and infrastructure.🔍 Identify and perform well-controlled security vulnerability hunting through source code reviews and penetration testing of Ninja’s environments and software.🛠️ Provide remediation guidance and recommendations to developers and platform engineers.👥 Work with Engineering Managers team to help perform threat modeling of features and to prioritize and validate the urgency of identified vulnerabilities and security enhancement requests.🔍 Identify knowledge gaps and define security best practices for development teams to understand, follow, and receive training for.📊 Develop comprehensive and accurate reports and presentations for both technical and executive audiences (may be internal to Ninja, or external such as prospects/clients or media).Only English resumes will be considered.What do we offer?🏡 Fully remote work🖥️ The company provides you with the equipment⌚ Flexible working hours🏖️🏞️ Flexible PTO💵💰 Compensation package in USD