Senior Information Security Applications Engineer
Latam
Applications have closed
At Talentus, we are looking for you!
We are a US company with a strong presence in LATAM and across 20 countries around the world. Some of our key near-shore BPO services include smart-sourcing, dedicated or cluster teams, managed IT services, software outsourcing, and the top ERP & CRM solutions, driven by our practices across many different industries.
We are currently looking for a Senior Information Security Applications Engineer to join our dynamic team! As a Senior Information Security Applications Engineer, you will work closely with our Engineering team on secure SDLC (Software Development Life Cycle) activities, participate in security operations, and contribute to the design, planning, and implementation of security-related projects. This role requires a deep understanding of application security, secure coding practices, and the ability to collaborate effectively with cross-functional teams.
Day-to-Day Responsibilities:
• Interact with the Engineering team on secure SDLC activities:. Manage and mature the application security program through direct interactions.. Work with architects and engineers to review and design security requirements.. Interact with sprint teams on security-related issues, such as secure code reviews, threat modeling, coding patterns, and security awareness.. Determine and report on secure SDLC metrics.• Participate in security operations activities:. Review patch and vulnerability notifications as issued.. Conduct vulnerability discovery, validation, and remediation tracking.. Collaborate with IT teams to design remediations and shepherd them through to completion.. Monitor and review indicators of compromise from various systems.• Contribute to the design, planning, and implementation of security-related projects.• Write, review, and update security documentation and respond to audit requests.
Required Skills:
• Five years of experience in software development, engineering, or architecture.• Substantial professional experience focused on security.• Deep understanding of web application architecture design, software development, and related security concepts, including secure coding patterns, OWASP, data flows, authentication, and data protection.• Exceptional communication and collaboration skills.• Ability to shape and support secure practices carried out by others.• Experience with threat modeling methodologies, ideally STRIDE.• Ability to integrate security principles and techniques such as IAM, penetration testing, defense in depth, and change management into development processes.• Proficiency in several coding languages and the ability to quickly learn and apply security concepts to new languages.• Experience with relational database design and SQL query language.• Solid organizational skills and ability to prioritize tasks.• Ability to thrive in a fast-paced, constantly changing environment.• High level of integrity, trustworthiness, and ethics.
Desired Skills:
• At least one security-focused certification related to skillset and experience.• Technical experience with Windows and Linux operating system security configuration.• Understanding of network architecture, including cloud-related security concepts, concerns, and technologies.• Experience implementing governance models such as NIST CSF or ISO 27001.• Experience with Agile project management techniques.• Financial industry experience.• Experience with regulated environments such as PCI, HIPAA, GLBA, SOX, FFIEC.
What do we offer?
• Contractor model.• 100% remote.• Salary in USD.• Paid vacations.• Day off for birthdays.• Benefits for courses and/or certifications.• Work on leading projects for our US customers, and not on the bench.
We are a US company with a strong presence in LATAM and across 20 countries around the world. Some of our key near-shore BPO services include smart-sourcing, dedicated or cluster teams, managed IT services, software outsourcing, and the top ERP & CRM solutions, driven by our practices across many different industries.
We are currently looking for a Senior Information Security Applications Engineer to join our dynamic team! As a Senior Information Security Applications Engineer, you will work closely with our Engineering team on secure SDLC (Software Development Life Cycle) activities, participate in security operations, and contribute to the design, planning, and implementation of security-related projects. This role requires a deep understanding of application security, secure coding practices, and the ability to collaborate effectively with cross-functional teams.
Day-to-Day Responsibilities:
• Interact with the Engineering team on secure SDLC activities:. Manage and mature the application security program through direct interactions.. Work with architects and engineers to review and design security requirements.. Interact with sprint teams on security-related issues, such as secure code reviews, threat modeling, coding patterns, and security awareness.. Determine and report on secure SDLC metrics.• Participate in security operations activities:. Review patch and vulnerability notifications as issued.. Conduct vulnerability discovery, validation, and remediation tracking.. Collaborate with IT teams to design remediations and shepherd them through to completion.. Monitor and review indicators of compromise from various systems.• Contribute to the design, planning, and implementation of security-related projects.• Write, review, and update security documentation and respond to audit requests.
Required Skills:
• Five years of experience in software development, engineering, or architecture.• Substantial professional experience focused on security.• Deep understanding of web application architecture design, software development, and related security concepts, including secure coding patterns, OWASP, data flows, authentication, and data protection.• Exceptional communication and collaboration skills.• Ability to shape and support secure practices carried out by others.• Experience with threat modeling methodologies, ideally STRIDE.• Ability to integrate security principles and techniques such as IAM, penetration testing, defense in depth, and change management into development processes.• Proficiency in several coding languages and the ability to quickly learn and apply security concepts to new languages.• Experience with relational database design and SQL query language.• Solid organizational skills and ability to prioritize tasks.• Ability to thrive in a fast-paced, constantly changing environment.• High level of integrity, trustworthiness, and ethics.
Desired Skills:
• At least one security-focused certification related to skillset and experience.• Technical experience with Windows and Linux operating system security configuration.• Understanding of network architecture, including cloud-related security concepts, concerns, and technologies.• Experience implementing governance models such as NIST CSF or ISO 27001.• Experience with Agile project management techniques.• Financial industry experience.• Experience with regulated environments such as PCI, HIPAA, GLBA, SOX, FFIEC.
What do we offer?
• Contractor model.• 100% remote.• Salary in USD.• Paid vacations.• Day off for birthdays.• Benefits for courses and/or certifications.• Work on leading projects for our US customers, and not on the bench.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
4
1
0
Category:
Security Engineering Jobs
Tags: Agile Application security Cloud ERP FFIEC GLBA Governance HIPAA IAM ISO 27001 Linux NIST OWASP Pentesting RDBMS SDLC SOX SQL Windows
Perks/benefits: Career development
Regions:
Remote/Anywhere
North America
South America
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Senior Security Analyst jobsInformation System Security Officer jobsSenior Cloud Security Engineer jobsInformation Security Manager jobsInformation Security Specialist jobsSenior Cybersecurity Engineer jobsSenior Network Security Engineer jobsSecurity Consultant jobsIT Security Engineer jobsCyber Security Specialist jobsSenior Penetration Tester jobsSecurity Specialist jobsSenior Information Security Analyst jobsSenior Cyber Security Engineer jobsChief Information Security Officer jobsSystems Engineer jobsSystems Administrator jobsInformation System Security Officer (ISSO) jobsSenior Product Security Engineer jobsCloud Security Architect jobsIT Security Analyst jobsPrincipal Security Engineer jobsStaff Security Engineer jobsSecurity Operations Analyst jobsCybersecurity Specialist jobs
DevSecOps jobsKubernetes jobsEncryption jobsPowerShell jobsIDS jobsSplunk jobsSaaS jobsEDR jobsSDLC jobsIPS jobsRMF jobsSQL jobsTop Secret jobsIntrusion detection jobsBash jobsCompTIA jobsThreat detection jobsITIL jobsFinance jobsOWASP jobsDoDD 8570 jobsCRISC jobsDocker jobsActive Directory jobsBanking jobs
UNIX jobsTCP/IP jobsVPN jobsGIAC jobsTerraform jobsSANS jobsClearance Required jobsIT infrastructure jobsHIPAA jobsSOX jobsSOC 2 jobsOSCP jobsCISO jobsIndustrial jobsJavaScript jobsCCSP jobsData Analytics jobsDNS jobsSOAR jobsPolygraph jobsJira jobsAnsible jobsMITRE ATT&CK jobsCyber defense jobsGCIH jobs