Application Security Engineer SR

Important Information 

Location: Brazil
Job Mode: Full-time 
Work Mode: Work from home

Responsibilities and Duties

• As a Application Security Engineer, you will lead a comprehensive security program that begins with assessing vulnerabilities and creating prioritized remediation plans;
• Implementing OWASP-based security best practices and threat modeling frameworks throughout the SDLC;
• Establish automated security controls through SAST/DAST integration in CI/CD pipelines, help conduct penetration testing, and create standardized procedures for identifying and addressing security issues;
• Additionally, you will help develop and deliver secure coding training programs and maintain thorough documentation, ensuring the organization maintains a strong security posture through both technical implementation and team enablement.

Essential Skills

• Strong experience with SAST/DAST tools;
  
• Proficiency in penetration testing and vulnerability assessment;
  
• Knowledge of common security frameworks (OWASP, NIST);
  
• Experience with security incident response;
  
• Strong programming knowledge;
  
• Understanding of CI/CD pipelines;
  
• Cloud security expertise (AWS preferred);
  
• Database security knowledge;
  
• Experience implementing security automation tools;
  
• Familiarity with DevSecOps practices;
  
• Knowledge of security testing frameworks;
  
• Experience with code analysis tools;
  
• Experience in application security;
  
• Proven experience implementing security programs;
  
• Track record of security remediation projects;
  
• Experience creating and delivering security training.

Additional Skills

• Certifications (preferred):
  - CISSP, CSSLP, or equivalent;
  - CEH or OSCP for penetration testing;
  - Cloud security certifications (AWS Security);
  - OWASP certifications.

About Encora

Encora is the preferred digital engineering and modernization partner of some of the world’s leading enterprises and digital native companies. With over 9,000 experts in 47+ offices and innovation labs worldwide, Encora’s technology practices include Product Engineering & Development, Cloud Services, Quality Engineering, DevSecOps, Data & Analytics, Digital Experience, Cybersecurity, and AI & LLM Engineering.

At Encora, we hire professionals based solely on their skills and qualifications, and do not discriminate based on age, disability, religion, gender, sexual orientation, socioeconomic status, or nationality.