Nearshore Sector |Application Security (AppSec) Analyst

We are looking for an Application Security (AppSec) Analyst to join our team focusing on identifying and managing application vulnerabilities throughout the Software Development Life Cycle (SDLC). This role is critical for ensuring the security of our software ecosystem bridging the gap between security protocols and development agility. You will be responsible for operating security scanning tools and collaborating closely with development teams to implement robust remediation plans.

Responsibilities

• Vulnerability Management: Operate and manage security scanning tools including SAST SCA IaC and Container Scanning (specifically Veracode GHAS and Hackuity).

• Analysis & Prioritization: Qualify and prioritize vulnerabilities identified in code providing actionable insights and accompanying remediation efforts with development squads.

• Security Integration: Deeply integrate security measures into CI/CD pipelines using tools like Git Azure DevOps and GitHub.

• Community Engagement: Foster a culture of secure coding by leading developer communities producing awareness content and conducting onboarding for new projects within the AppSec program.

• Coordination: Maintain autonomy in coordinating the adoption of security measures across target projects ensuring compliance with the OWASP Top 10.

Qualifications :

• Experience: Proven experience in Application Security specifically in vulnerability detection and management within the SDLC.

• Technical Stack: Strong hands-on knowledge of programming languages including (C#) Python and Java

• Security Tools: Proficiency with SAST/SCA platforms (experience with Checkmarx or Veracode is highly valued).

• Frameworks: In-depth understanding of the OWASP Top 10 and secure coding practices.

• DevOps Culture: Familiarity with CI/CD pipelines Git workflows and cloud-native security concepts.

• Communication: Fluency in English (B2 level minimum) to collaborate effectively in an international nearshore environment.

Additional Information :

Devoteam Group works for equal opportunities promoting its employees based on merit and actively fights against all forms of discrimination. We are convinced that diversity contributes to the creativity dynamism and excellence of our organization. All of our vacancies are open to people with disabilities.

Remote Work :

Yes

Employment Type :

Full-time