Application Security Engineer
São Paulo, Brazil
Applications have closed
BigID
Reduce risk, accelerate time to insight, and get data visibility and control across all your data - everywhere.Who we are:
BigID is an innovative tech startup that focuses on solutions for data security, compliance, privacy, and governance. We're leading the market in all things data: helping our customers reduce risk, drive business innovation, achieve compliance, build customer trust, make better decisions, and get more value from their data.
We are building a global team with a passion for innovation and next-gen technology. BigID has been recognized for being one of CNBC’s Top 25 Startups powering the economy, we're on Built In's 2023 Best Places to Work, one of America's fastest-growing companies, Inc5000 2023, 3 years running, one of the 20 coolest identity access management and data protection companies, CRN Security 100 2023, a Market Leader in DSPM at the 11th annual Global InfoSec Awards (Cyber Defense Magazine) and 2023 Disruptor Gold Winner - Most Disruptive Cyber Security Software, Globee Awards.
At BigID, our team is the foundation of our success. Join a people-centric culture that is fast-paced and rewarding: you’ll have the opportunity to work with some of the most talented people in the industry who value innovation, diversity, integrity, and collaboration.
Who we seek:
We’re looking for an Application Security Engineer for our Application Security team As an Application Security Engineer, you will be responsible for safeguarding BigID’s applications as well as creating a robust and secure environment. Our ideal candidate is someone who has hands-on application security experience and can automate tasks.
What you’ll do:
- Perform and automate SAST/DAST and other security testing approaches
- Establish a security champions program
- Review security training materials
- Enable a safe development strategy
- Maintain the vulnerability management program
What you’ll bring:
- Understanding of DevSecOps
- Knowledge of application security principles, practices, and methodologies, such as OWASP and NIST
- Experience with containerized/kubernetes deployments
- Experience with IaC development in AWS or other Cloud providers
- Experience with IaC development for pipeline deployment (GitLab CI/CD, Jenkins, GitHub actions, Azure DevOps, etc.)
- Knowledge of at least one of the following programming languages: python, NodeJS, Java
Advantages:
- Experience with vulnerability management processes
- Experience with OWASP Zap/Burp Suite
- Ability to read multiple programming languages source code and identify vulnerabilities
- Experience with bug bounty program management
- Experience with penetration tests management
- Certifications related to any of the above topics (For example: CEH, CISSP, CompTIA Security+, AWS Security Specialty, OSCP, etc.)
- Experience with program management
What’s in it for you?!
Our people are the foundation of our success, and we prioritize offering a wide range of benefits that make our team happier and healthier.
- Equity participation - everyone shares in our success
- Flexible work arrangements
- Other compulsory benefits based on country of residence
Our Values:
We look for people who embody our values - Care, Do, Try & Shine.
- Care - We care about our customers and each other
- Do - We do what it takes to make a positive impact
- Try - We try our best and we don’t give up
- Shine - We shine and make it our mission to always stand out
BigDiversity: We’re committed to creating a culture of inclusion, diversity, and equality – across race, gender, sexuality, disability, and neurodiversity – where innovation and growth thrive, every voice is heard, and everybody belongs. Learn more about us here.
CPRA Employee Privacy Notice: CA
BigID is an E-Verify Participant.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security AWS Azure Burp Suite CEH CI/CD CISSP Cloud Compliance CompTIA Cyber defense DAST DevOps DevSecOps DSPM GitHub GitLab Governance Java Kubernetes NIST Node.js OSCP OWASP Privacy Python SAST Strategy Vulnerabilities Vulnerability management
Perks/benefits: Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs