AppSec & DevSecOps Engineer

This position is posted by Jobgether on behalf of a partner company. We are currently looking for an AppSec & DevSecOps Engineer in Brazil.

This is an exciting opportunity for a cybersecurity professional passionate about embedding security into modern software development and cloud-native environments. In this role, you will lead the implementation of secure development practices across the entire software lifecycle, helping engineering teams deliver resilient, scalable, and compliant applications. You will work closely with developers, architects, DevOps, and cloud teams to strengthen security automation, vulnerability management, and secure CI/CD processes. The position combines technical depth, strategic influence, and hands-on execution, making it ideal for professionals who enjoy solving complex security challenges while enabling innovation. This fully remote role offers the chance to contribute to cutting-edge digital transformation initiatives in a collaborative and technology-driven environment.

Accountabilities

• Act as a technical reference for Application Security (AppSec) and DevSecOps practices across development projects.
• Integrate security into all stages of the software development lifecycle using Secure SDLC and Shift Left methodologies.
• Design, standardize, and maintain secure, reusable, automated, and version-controlled CI/CD pipelines.
• Implement DevSecOps controls and security best practices within continuous delivery workflows.
• Conduct risk assessments, threat modeling exercises, and security evaluations for applications and architectures.
• Perform vulnerability triage, analysis, and remediation support alongside development teams.
• Operate and manage security tools including SAST, DAST, SCA, container security, and Infrastructure as Code (IaC) scanners.
• Conduct security-focused code reviews, especially for .NET Core and Node.js applications.
• Evaluate and improve cloud security architectures and controls within AWS, Azure, or GCP environments.
• Ensure compliance with governance and security frameworks such as ISO 27001, SOC 2, and PCI DSS.
• Develop scripts and automations for security controls and integrations with SIEM/SOC platforms.
• Promote security awareness, mentorship, and training initiatives across technology teams.
  
  

Requirements

• Strong professional experience in Application Security (AppSec) and/or DevSecOps roles.
• Hands-on knowledge of Secure SDLC methodologies and Shift Left security strategies.
• Experience working with CI/CD platforms such as Azure DevOps, GitHub Actions, GitLab CI, or Jenkins.
• Practical experience with SAST, DAST, and SCA security tools.
• Knowledge of .NET Core and Node.js environments for secure code analysis and review.
• Experience identifying, analyzing, and supporting remediation of software vulnerabilities.
• Familiarity with cloud computing platforms such as AWS, Azure, or GCP.
• Experience with containers and orchestration technologies including Docker and Kubernetes.
• Knowledge of Infrastructure as Code (IaC) technologies such as Terraform, ARM, or CloudFormation.
• Strong understanding of secure architecture principles and Threat Modeling practices.
• Nice to have: security certifications such as CSSLP, CEH, Security+, AZ-500, or AWS Security Specialty.
• Nice to have: experience with SIEM/SOC environments and monitoring integrations.
• Nice to have: knowledge of OWASP Top 10, ASVS, and SAMM frameworks.
• Nice to have: experience working in regulated or highly critical environments.
  
  

Browse our curated collection of remote jobs across all categories and industries, featuring positions from top companies worldwide.

Benefits

• Full-time remote work model within Brazil.
• Opportunity to work with advanced technologies including AI, cloud, and modern digital platforms.
• Collaborative and innovation-focused work environment.
• Exposure to large-scale digital transformation and cybersecurity projects.
• Continuous learning and professional development opportunities.
• Access to cutting-edge tools and modern engineering practices.
• Inclusive and growth-oriented culture focused on technical excellence and career advancement.
  
  

How Jobgether Works

We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team.

We appreciate your interest and wish you the best!

Why Apply Through Jobgether?

Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.