DevSecOps Security Analyst | MID

This position is posted by Jobgether on behalf of a partner company. We are currently looking for a DevSecOps Security Analyst | MID in Brazil.

This role focuses on embedding security throughout the software development lifecycle, ensuring applications are built and delivered with security by design. You will act as a key bridge between development, architecture, and security teams, identifying vulnerabilities early and guiding remediation efforts. The position involves working with modern DevSecOps practices, integrating security tools and controls into CI/CD pipelines, and strengthening secure coding standards across teams. You will analyze application security findings, support threat modeling activities, and help define security requirements for scalable and resilient systems. Acting as a Security Champion, you will promote a strong security culture through collaboration, training, and continuous awareness initiatives. This is a highly collaborative and impactful role within a dynamic, cloud-driven and innovation-focused environment.

Accountabilities:

• Identify vulnerabilities in source code and support the definition and tracking of remediation plans.
• Monitor and enhance secure coding practices across development teams and pipelines.
• Analyze and interpret results from SAST, DAST, and SCA security tools, ensuring proper remediation actions.
• Perform threat modeling and define security requirements aligned with application architecture and development standards.
• Support developers in fixing vulnerabilities and implementing security guardrails throughout the SDLC.
• Contribute to governance processes for vulnerability management across code, architecture, and applications.
• Integrate and monitor security practices within CI/CD pipelines using Azure DevOps.
• Promote security awareness through training sessions, guidance, and Security Champion activities.
• Collaborate closely with development, architecture, operations, and security teams to ensure secure delivery.
• Support automation initiatives for security testing and vulnerability management.

Requirements:

• Solid experience in Application Security and DevSecOps practices.
• Hands-on experience identifying and managing vulnerabilities in source code.
• Experience with security tools such as SAST, DAST, and SCA.
• Practical knowledge of Azure DevOps and security integration in CI/CD pipelines.
• Experience with threat modeling and definition of security requirements.
• Strong understanding of OWASP frameworks (ASVS, SAMM, WSTG, MASVS).
• Experience with secure code review and secure software development lifecycle practices.
• Ability to act in a consultative role, supporting development teams with security best practices.
• Experience with vulnerability governance and tracking in enterprise environments.
• Prior experience as a Security Champion or security advocate within engineering teams.
• Familiarity with cloud environments and secure architecture principles.
• Knowledge of security automation and continuous security improvement practices.
• Experience in high-availability or mission-critical environments is a plus.

Benefits:

• Competitive compensation package aligned with market standards.
• Remote work flexibility.
• Exposure to cutting-edge AI-driven and cloud-native technologies.
• Learning and development opportunities in cybersecurity and DevSecOps practices.
• Collaborative and innovation-driven global work environment.
• Career growth opportunities in a fast-evolving security and engineering ecosystem.
• Participation in impactful projects focused on secure digital transformation.

How Jobgether works: We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team. We appreciate your interest and wish you the best!  Why Apply Through Jobgether?    Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.     #LI-CL1