Esta es una vacante externa, deberás completar el proceso en el sitio de la empresa.
Categoría: Tecnologías de la Información - Sistemas
Subcategoría: Seguridad informática
Educación mínima requerida:
Descripción
Position Overview:
Our company is seeking a skilled and experienced Application Security Engineer to join our dynamic team. The ideal candidate will have a strong background in reviewing code, particularly in .NET and C#, and a passion for enhancing application security. This role will focus on ensuring the security and integrity of our software applications through code reviews, vulnerability assessments, and compliance validations. While a DevSecOps background is beneficial, it is not the primary focus of the role.
Key Responsibilities:
Code Reviews: Conduct in-depth code reviews for .NET and C# applications to identify security vulnerabilities and weaknesses. Collaborate with development teams to provide actionable recommendations for remediation.
Vulnerability Guidance: Offer expert guidance and assistance to development teams in addressing security vulnerabilities and threats discovered during code reviews or through automated scanning tools.
Security Scanning: Utilize Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA) tools to identify and mitigate security risks.
DevSecOps Collaboration: Collaborate with DevOps and development teams to integrate security best practices into the Continuous Integration and Continuous Deployment (CICD) pipeline and Software Development Life Cycle (SDLC).
Compliance Validation: Validate and ensure compliance with security requirements, policies, and procedures during the onboarding of applications to the CICD/SDLC environment.
Security Awareness: Promote security awareness and best practices among development and cross-functional teams through training and knowledge sharing.
Qualifications:
-Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent work experience).
-Proven experience with code review and analysis, particularly in .NET and C#.
-Strong understanding of application security principles, OWASP Top Ten, and secure coding practices.
-Familiarity with security scanning tools such as SAST, DAST, and SCA.
-Knowledge of security standards, frameworks, and compliance requirements (e.g., OWASP, NIST, ISO 27001).
-Experience with DevSecOps practices and tools is a plus.
-Excellent communication skills and the ability to work collaboratively in a team-oriented environment.
-Relevant security certifications (e.g., CISSP, CEH, CSSLP) are a plus.
This position is remote the candidate could be located anywhere in LATAM
$25 - $30 an hour
$25 to $30 USD per our in a contractor scheme