Analista DevSecOps Sr

This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Analista DevSecOps Sr in Brazil.

This is a senior DevSecOps role focused on embedding security practices across the entire software development lifecycle within complex, large-scale digital ecosystems. You will work at the intersection of development, security, and operations, ensuring that applications, APIs, and infrastructure are secure, compliant, and resilient by design. The role involves close collaboration with development squads, helping them identify, prioritize, and remediate vulnerabilities in modern web and cloud-based architectures. You will play a key part in evolving security practices, integrating tools into CI/CD pipelines, and strengthening secure coding culture across teams. The environment is highly technical, collaborative, and focused on continuous improvement, with strong emphasis on risk management and compliance. This is a strategic opportunity for a hands-on security professional who wants to drive real impact in digital product security at scale.

Accountabilities:

• Implement and evolve DevSecOps and Application Security practices across the software development lifecycle, ensuring security is embedded from design to production.
• Integrate security tools and controls into CI/CD pipelines such as Azure DevOps, GitHub Actions, GitLab CI, or Jenkins.
• Use and support platforms like Conviso to manage, prioritize, and track application vulnerabilities.
• Support development teams in identifying and remediating vulnerabilities in applications built with C# (.NET Core), Angular, and React.
• Perform and interpret security analyses including SAST, DAST, SCA, container scanning, and secrets detection.
• Promote and enforce secure coding practices aligned with OWASP Top 10 and industry standards.
• Define and support security controls for APIs, authentication, authorization, logging, encryption, and secrets management.
• Generate security metrics, vulnerability backlogs, and remediation status reports to support governance and decision-making.
• Support compliance initiatives including LGPD, audit readiness, and security governance requirements.

Requirements:

• Senior-level experience in DevSecOps, Application Security, or Software Security Engineering.
• Strong experience with CI/CD pipelines and automation tools such as Azure DevOps, GitHub Actions, GitLab CI, or Jenkins.
• Hands-on experience with AppSec platforms such as Conviso or similar vulnerability management tools.
• Solid knowledge of security in modern web applications using C# (.NET Core), Angular, and React ecosystems.
• Experience with security frameworks and methodologies such as OWASP Top 10, CWE, and CVSS.
• Strong understanding of API security, authentication/authorization mechanisms, encryption, and secrets management.
• Experience with cloud environments, containers, and infrastructure-as-code practices.
• Ability to guide and mentor development teams in vulnerability remediation and secure development practices.
• Strong analytical mindset with the ability to prioritize security risks effectively.
• Excellent communication skills and ability to collaborate with development, architecture, and business stakeholders.
• Proactive, hands-on, and structured profile with a strong focus on continuous improvement and delivery quality.

Benefits:

• Hybrid work model (3x per week in São Paulo – SP).
• PJ contract arrangement.
• Mental health and wellness support program.
• Discounts with partner companies and services.
• Opportunity to work in a global, multi-industry technology environment.
• Exposure to large-scale digital transformation and security-critical systems.

How Jobgether works: We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team. We appreciate your interest and wish you the best!  Why Apply Through Jobgether?    Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.     #LI-CL1