Application Security Analyst in Prediktive

Prediktive is the premier Technology Business Partner for Startups and Digital Companies.
We dedicate to build technology teams and connect them with companies that are looking to hire only the best! Prediktive specializes in the execution of software product development projects and business strategic programs.

We are looking for an Application Security Analyst based anywhere in Latin America to work on a mid-term project with the possibility of extension for one of our clients, a multinational corporation that provides IT services, including digital, technology, consulting and operations services. Part of the team is based in Virginia.

The person in this role requires a mix of technical capabilities as well as the know-how to provide security oversight for complex applications and articulate security concepts to developers.

Responsibilities

• Perform and coordinate penetration testing activities, ensuring that security testing is automated during development
• Support the testing tools SAST and DAST
• Share results with product teams and security architects
• Work to ensure findings are remediated
• Implement security tools and integrate them with the existing DevOps toolchain
• Provide vulnerability analysis, proper security tool integrations and creation of metrics in order to support data-driven decision-making
• Work with development teams to ensure that appropriate assessment of security risks is performed
• Implement application security best practices according to industry-recognized standards and frameworks such as OWASP, SANS, CIS

Requirements

• Advanced English Level
• Passion for application security and aptitude to learn emerging trends
• 3+ years of progressive information security experience, specializing in application/software security
• 2+ years of experience in application security, specifically with testing tools, DevSecOps, security automation
• Experience implementing security solutions in public cloud environments (AWS/Azure/GCP) in alignment with best practices
• Understanding of current application security solutions market and knowledge of DevSecOps best practices

• Bachelor's degree in Computer Science or Engineering or equivalent evidence of an aptitude
• Pen testing experience (cloud-based web and mobile applications) preferred
• Scripting experience (Python, Perl, Bash) is also preferred
• Certification in one or more of the following is preferred: CISSP, CEH, CISM, GWEB, GWAPT

• Remote work
• Compensation in USD
• Paid Time Off