Application Security Engineer Threat Modeling US-based Product Company

About Us:

Prometeo Talent is a #1 rated Recruitment Agency spread throughout America and Europe. We excel in connecting companies with exceptional tech and engineering professionals. Our HR and recruitment professionals are always ready to help companies and people find their right match.

We have partnered with a USbased Product Company looking to expand their team. They develop management products that help lots of companies worldwide improve their efficiency and streamline their work.

They have a global team and are currently interested in hiring someone based in Colombia Brazil or Ecuador

Our Proposal:

We are looking for anApplication Security Engineer role! Its not just any job its about companywide visibility! Youll be the shield ensuring our 10000 customers stay safe in the ManagedServiceProvider world and in corporate IT domains.

Working closely with our client development platform and product teams youll embed security into every stage of our product lifecycle. We need someone whos a ninja at defining security requirements conducting app security assessments and guiding developers through fixes. One day youre assessing a new system the next youre coaching on best practices.

Not only will you be the guardian of security but youll also be a mentor and leader to our junior team members guiding them to become security experts in their own right.

Responsibilities:

Anticipate possible security threats and identify areas of weakness in Ninjas environments and software.

Partner with Ninja Engineering to perform code analysis of large applications manually and with the assistance of SAST and DAST tools.

Partner with engineering in triaging the reported findings by SAST DAST SCA SBOM and similar products to reduce potential Falsepositive rates.

Perform security architecture design reviews of our products and infrastructure.

Identify and perform wellcontrolled security vulnerability hunting through source code reviews and penetration testing of Ninjas environments and software.

Provide remediation guidance and recommendations to developers and platform engineers.

Work with Engineering Managers team to help perform threat modeling of features and to prioritize and validate the urgency of identified vulnerabilities and security enhancement requests.

Identify knowledge gaps and define security best practices for development teams to understand follow and receive training for.

Develop comprehensive and accurate reports and presentations for both technical and executive audiences (may be internal to Ninja or external such as prospects/clients or media).

What do we offer

Fully remote work

The company provides you with the equipment

Flexible working hours

Flexible PTO

Compensation package in USD