Senior Information Security Applications Engineer
Latam
At Talentus, we are looking for you!
We are a US company with a strong presence in LATAM and across 20 countries around the world. Some of our key near-shore BPO services include smart-sourcing, dedicated or cluster teams, managed IT services, software outsourcing, and the top ERP & CRM solutions, driven by our practices across many different industries.
We are currently looking for a Senior Information Security Applications Engineer to join our dynamic team! As a Senior Information Security Applications Engineer, you will work closely with our Engineering team on secure SDLC (Software Development Life Cycle) activities, participate in security operations, and contribute to the design, planning, and implementation of security-related projects. This role requires a deep understanding of application security, secure coding practices, and the ability to collaborate effectively with cross-functional teams.
Day-to-Day Responsibilities:
• Interact with the Engineering team on secure SDLC activities:. Manage and mature the application security program through direct interactions.. Work with architects and engineers to review and design security requirements.. Interact with sprint teams on security-related issues, such as secure code reviews, threat modeling, coding patterns, and security awareness.. Determine and report on secure SDLC metrics.• Participate in security operations activities:. Review patch and vulnerability notifications as issued.. Conduct vulnerability discovery, validation, and remediation tracking.. Collaborate with IT teams to design remediations and shepherd them through to completion.. Monitor and review indicators of compromise from various systems.• Contribute to the design, planning, and implementation of security-related projects.• Write, review, and update security documentation and respond to audit requests.
Required Skills:
• Five years of experience in software development, engineering, or architecture.• Substantial professional experience focused on security.• Deep understanding of web application architecture design, software development, and related security concepts, including secure coding patterns, OWASP, data flows, authentication, and data protection.• Exceptional communication and collaboration skills.• Ability to shape and support secure practices carried out by others.• Experience with threat modeling methodologies, ideally STRIDE.• Ability to integrate security principles and techniques such as IAM, penetration testing, defense in depth, and change management into development processes.• Proficiency in several coding languages and the ability to quickly learn and apply security concepts to new languages.• Experience with relational database design and SQL query language.• Solid organizational skills and ability to prioritize tasks.• Ability to thrive in a fast-paced, constantly changing environment.• High level of integrity, trustworthiness, and ethics.
Desired Skills:
• At least one security-focused certification related to skillset and experience.• Technical experience with Windows and Linux operating system security configuration.• Understanding of network architecture, including cloud-related security concepts, concerns, and technologies.• Experience implementing governance models such as NIST CSF or ISO 27001.• Experience with Agile project management techniques.• Financial industry experience.• Experience with regulated environments such as PCI, HIPAA, GLBA, SOX, FFIEC.
What do we offer?
• Contractor model.• 100% remote.• Salary in USD.• Paid vacations.• Day off for birthdays.• Benefits for courses and/or certifications.• Work on leading projects for our US customers, and not on the bench.
We are a US company with a strong presence in LATAM and across 20 countries around the world. Some of our key near-shore BPO services include smart-sourcing, dedicated or cluster teams, managed IT services, software outsourcing, and the top ERP & CRM solutions, driven by our practices across many different industries.
We are currently looking for a Senior Information Security Applications Engineer to join our dynamic team! As a Senior Information Security Applications Engineer, you will work closely with our Engineering team on secure SDLC (Software Development Life Cycle) activities, participate in security operations, and contribute to the design, planning, and implementation of security-related projects. This role requires a deep understanding of application security, secure coding practices, and the ability to collaborate effectively with cross-functional teams.
Day-to-Day Responsibilities:
• Interact with the Engineering team on secure SDLC activities:. Manage and mature the application security program through direct interactions.. Work with architects and engineers to review and design security requirements.. Interact with sprint teams on security-related issues, such as secure code reviews, threat modeling, coding patterns, and security awareness.. Determine and report on secure SDLC metrics.• Participate in security operations activities:. Review patch and vulnerability notifications as issued.. Conduct vulnerability discovery, validation, and remediation tracking.. Collaborate with IT teams to design remediations and shepherd them through to completion.. Monitor and review indicators of compromise from various systems.• Contribute to the design, planning, and implementation of security-related projects.• Write, review, and update security documentation and respond to audit requests.
Required Skills:
• Five years of experience in software development, engineering, or architecture.• Substantial professional experience focused on security.• Deep understanding of web application architecture design, software development, and related security concepts, including secure coding patterns, OWASP, data flows, authentication, and data protection.• Exceptional communication and collaboration skills.• Ability to shape and support secure practices carried out by others.• Experience with threat modeling methodologies, ideally STRIDE.• Ability to integrate security principles and techniques such as IAM, penetration testing, defense in depth, and change management into development processes.• Proficiency in several coding languages and the ability to quickly learn and apply security concepts to new languages.• Experience with relational database design and SQL query language.• Solid organizational skills and ability to prioritize tasks.• Ability to thrive in a fast-paced, constantly changing environment.• High level of integrity, trustworthiness, and ethics.
Desired Skills:
• At least one security-focused certification related to skillset and experience.• Technical experience with Windows and Linux operating system security configuration.• Understanding of network architecture, including cloud-related security concepts, concerns, and technologies.• Experience implementing governance models such as NIST CSF or ISO 27001.• Experience with Agile project management techniques.• Financial industry experience.• Experience with regulated environments such as PCI, HIPAA, GLBA, SOX, FFIEC.
What do we offer?
• Contractor model.• 100% remote.• Salary in USD.• Paid vacations.• Day off for birthdays.• Benefits for courses and/or certifications.• Work on leading projects for our US customers, and not on the bench.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
1
1
0
Category:
Security Engineering Jobs
Tags: Agile Application security Cloud ERP FFIEC GLBA Governance HIPAA IAM ISO 27001 Linux NIST OWASP Pentesting RDBMS SDLC SOX SQL Windows
Perks/benefits: Career development
Regions:
Remote/Anywhere
North America
South America
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Security Operations Engineer jobsInformation Security Specialist jobsSenior Cybersecurity Engineer jobsInformation Security Officer jobsInformation Systems Security Officer jobsSenior Cyber Security Engineer jobsPrincipal Security Engineer jobsInformation System Security Officer jobsSenior Network Security Engineer jobsCloud Security Architect jobsChief Information Security Officer jobsSecurity Consultant jobsSenior Penetration Tester jobsStaff Security Engineer jobsSecurity Specialist jobsSenior Information Security Analyst jobsCyber Security Specialist jobsIT Security Engineer jobsThreat Intelligence Analyst jobsCyber Security Architect jobsSecurity Operations Analyst jobsInformation System Security Officer (ISSO) jobsSenior Product Security Engineer jobsCybersecurity Consultant jobsSenior Information Security Engineer jobs
PowerShell jobsEncryption jobsSDLC jobsMalware jobsSQL jobsRMF jobsIPS jobsGDPR jobsForensics jobsIDS jobsEDR jobsSplunk jobsTop Secret jobsFinance jobsDoDD 8570 jobsBash jobsITIL jobsOWASP jobsTerraform jobsCompTIA jobsCRISC jobsUNIX jobsIntrusion detection jobsGIAC jobsDocker jobs
TCP/IP jobsData Analytics jobsSANS jobsThreat detection jobsActive Directory jobsBanking jobsCCSP jobsPolygraph jobsClearance Required jobsOSCP jobsAnsible jobsSOC 2 jobsOracle jobsVPN jobsIT infrastructure jobsSOX jobsJavaScript jobsSecurity strategy jobsSOAR jobsCyber defense jobsJira jobsDNS jobsArtificial Intelligence jobsSAP jobsHIPAA jobs