AppSec & DevSecOps Engineer in Brazil, Indiana at Jobgether

This position is posted by Jobgether on behalf of a partner company. We are currently looking for an AppSec & DevSecOps Engineer in Brazil.

This is an exciting opportunity for a cybersecurity professional passionate about embedding security into modern software development and cloud-native environments. In this role, you will lead the implementation of secure development practices across the entire software lifecycle, helping engineering teams deliver resilient, scalable, and compliant applications. You will work closely with developers, architects, DevOps, and cloud teams to strengthen security automation, vulnerability management, and secure CI/CD processes. The position combines technical depth, strategic influence, and hands-on execution, making it ideal for professionals who enjoy solving complex security challenges while enabling innovation. This fully remote role offers the chance to contribute to cutting-edge digital transformation initiatives in a collaborative and technology-driven environment.

• Act as a technical reference for Application Security (AppSec) and DevSecOps practices across development projects.
• Integrate security into all stages of the software development lifecycle using Secure SDLC and Shift Left methodologies.
• Design, standardize, and maintain secure, reusable, automated, and version-controlled CI/CD pipelines.
• Implement DevSecOps controls and security best practices within continuous delivery workflows.
• Conduct risk assessments, threat modeling exercises, and security evaluations for applications and architectures.
• Perform vulnerability triage, analysis, and remediation support alongside development teams.
• Operate and manage security tools including SAST, DAST, SCA, container security, and Infrastructure as Code (IaC) scanners.
• Conduct security-focused code reviews, especially for .NET Core and Node.js applications.
• Evaluate and improve cloud security architectures and controls within AWS, Azure, or GCP environments.
• Ensure compliance with governance and security frameworks such as ISO 27001, SOC 2, and PCI DSS.
• Develop scripts and automations for security controls and integrations with SIEM/SOC platforms.
• Promote security awareness, mentorship, and training initiatives across technology teams.

• Strong professional experience in Application Security (AppSec) and/or DevSecOps roles.
• Hands-on knowledge of Secure SDLC methodologies and Shift Left security strategies.
• Experience working with CI/CD platforms such as Azure DevOps, GitHub Actions, GitLab CI, or Jenkins.
• Practical experience with SAST, DAST, and SCA security tools.
• Knowledge of .NET Core and Node.js environments for secure code analysis and review.
• Experience identifying, analyzing, and supporting remediation of software vulnerabilities.
• Familiarity with cloud computing platforms such as AWS, Azure, or GCP.
• Experience with containers and orchestration technologies including Docker and Kubernetes.
• Knowledge of Infrastructure as Code (IaC) technologies such as Terraform, ARM, or CloudFormation.
• Strong understanding of secure architecture principles and Threat Modeling practices.
• Nice to have: security certifications such as CSSLP, CEH, Security+, AZ-500, or AWS Security Specialty.
• Nice to have: experience with SIEM/SOC environments and monitoring integrations.
• Nice to have: knowledge of OWASP Top 10, ASVS, and SAMM frameworks.
• Nice to have: experience working in regulated or highly critical environments.

• Full-time remote work model within Brazil.
• Opportunity to work with advanced technologies including AI, cloud, and modern digital platforms.
• Collaborative and innovation-focused work environment.
• Exposure to large-scale digital transformation and cybersecurity projects.
• Continuous learning and professional development opportunities.
• Access to cutting-edge tools and modern engineering practices.
• Inclusive and growth-oriented culture focused on technical excellence and career advancement.