Application Security Specialist

RecargaPay is the Super App that simplifies everyday payments for consumers and SMEs in Brazil.

The platform streamlines payments for over 6 million Brazilians by consolidating credit and debit cards, instant payments like Pix, and Open Finance, on a mission to democratize mobile payments and financial services in Brazil.

Featuring services such as bill payments, mobile top-ups, public transportation, installment plans, and loans, designed with convenience, low cost and flexibility in mind. RecargaPay is changing the way both banked and unbanked Brazilians make their everyday payments and access their financial services.

We are looking for a qualified AppSec Specialist to implement secure development processes and analyze application security through methodologies. In addition, will guide the development team on vulnerability remediation, integration of security testing into the SDLC/DevOps cycle. Finally, you will seed the application security culture for the entire company.

Your main responsibilities will be:

• Responsible for the implementation of Secure Development and Application Security Analysis processes in large corporate clients, including: source code security review using SAST solution, validation of vulnerabilities found in source code, discussion of false positive cases, guidance to developers on vulnerability remediation, development and execution of training and support in application security operation with SAST solution;
• Work with development teams to ensure that security is integrated into the software development life cycle;
• Provide technical recommendations and remediation to teams;
• Accompany meetings with business and development areas, providing appropriate advice;
• Develop and apply security training and coding best practices;
• Promote the Application security culture to several areas of the company;
• Developing and maintaining documentation of application security controls;
• Perform regular security audits of applications and systems;
• Stay up-to-date on new security technologies and approaches;

Requirements

• Experience in development using Java and Spring Boot;
• Education in information technology or related field;
• Understanding of modern web application structure;
• Experience in codereview and applying SSDLC technique;
• Familiarity with web and mobile internet related technologies (web applications, mobile applications, API oriented architecture) and network related protocols;
• Feeling comfortable in Agile / DevOps environment;
• Knowledge in application security;
• knowledge of frameworks such as OWASP;"

Benefits

• Medical and Dental assistance without co-participation;

• Life insurance;
• Flexible Meal voucher - Flash;
• TotalPass;
• Home office assistance - monthly deposit in the RecargaPay app for personal use;
• Spanish classes;
• Educational partnerships; 
• Discount in Universities for Undergraduate, Graduate and MBA courses;
• Anywhere office - work from wherever you want.

Diversity & Inclusion

Diversity is part of our DNA and we are in constant search for representativeness and evolution. We believe that our employees should be who they are, and that is what makes them unique in their roles - regardless of gender, religion, disabilities, sexual orientation, ethnicity, generations and different experiences. And we are looking for people who are authentic and free to co-create a more inclusive and innovative company and society. Does it sound like you?

The use of your Data

The candidate, when sending the curriculum with personal and professional data to participate in RecargaPay's recruitment and selection process, is aware that the data will be used for the necessary analysis and validations throughout the recruitment process and for hiring, if necessary, as well as authorizes RecargaPay to share the curriculum data with other companies in the RecargaPay group in case opportunities arise in line with the candidate's profile.

In compliance with Law 13.709 / 18, LGPD - General Data Protection Law, the candidate may ask for the updating, rectification and modification of his information during the recruitment and selection process, or, still, request the non-use of the data under the terms applicable law.