Talento | Employers

El siguiente reto de tu carrera profesional

Publicado hace 34 días

icon job

Intermediate

AppSec Engineer

$75,000 MXN/mes brutos

*Salario especifico depende del proceso de selección

icon portfolio

4-6 años de experiencia

icon facbuildingebook

Híbrido

icon location

CDMX, México

icon portfolio

4-6 años de experiencia

icon building

Híbrido

icon location

CDMX, México

Description

  • Security Integration: Collaborate with development teams to integrate security practices into all phases of the software development lifecycle (SDLC) using "shift-left" principles.

  • Developer Enablement: Advocate for and implement "developer-first" security tools and processes that empower developers to write secure code without sacrificing agility.

  • Framework Expertise: Utilize your expertise in key application security frameworks (e.g., OWASP Top 10, SANS Top 25) to assess and enhance the security of our applications.

  • Code Reviews: Conduct security-focused code reviews and provide actionable feedback to developers.

  • Security Champions Program: Lead and expand our Security Champions program by identifying and mentoring developers across the organization to be security advocates.

  • Vulnerability Management: Work with teams to identify, prioritize, and remediate security vulnerabilities in applications.

  • Threat Modeling: Collaborate with teams to perform threat modeling, identifying potential security risks early in the development process.

  • Red Teaming: Work in a proactive and non-destructive manner to continually test internal services for vulnerabilities and weaknesses.  Consult with the corresponding product owners and engineering teams to prioritize and correct any issues identified.

  • Continuous Improvement: Stay updated on the latest security trends and continuously improve our security practices, tools, and frameworks.

Training & Awareness: Develop and deliver training sessions to improve the security knowledge and skills of our development teams.


Requirements

Qualifications:

  • Experience: 3+ years of experience in application security with a background in software development.

  • Technical Skills: Proficiency in at least one programming language (e.g., Java, Python, JavaScript, etc.) and familiarity with CI/CD pipelines and tools.

  • Framework Knowledge: Deep understanding of application security frameworks and standards (OWASP Top 10, SANS Top 25, NIST, etc.).

  • Developer Tools: Experience with developer-centric security tools (e.g., SAST, DAST, SCA, etc.).

  • Security Principles: Strong grasp of secure coding practices, threat modeling, and vulnerability management.

  • Collaboration: Excellent communication skills and the ability to work effectively with cross-functional teams.

  • Mindset: A proactive, "security-as-code" mindset, with a focus on embedding security into every stage of the development process.

Preferred Qualifications:

  • Experience in cloud security and understanding of cloud-native applications.

  • Knowledge of container security and microservices architecture.

  • Certifications such as CISSP, CEH, or equivalent.



Skills

Python

Java

CI/CD

¿Listo para dar el siguiente paso?

Compartir Vacante

icon facebook icon twitter icon clipboard