Browse
···
Log in / Register
Job Summary: We are seeking an Application Security (AppSec) professional to support clients in building and maintaining secure and reliable applications. Key Highlights: 1. Certified by GPTW for 6 consecutive years 2. Focus on a safer digital society and information security 3. Values motivated individuals who are part of a purpose Since 2009, we have been a company specializing in Information Security, focused on delivering precise diagnostics and continuous security programs. IBLISS’s purpose over these years has been to motivate our team members to engage with our mission of building a **safer digital society**. We see people in their essence and recognize their existence; therefore, we encourage applications from women, persons with disabilities (PCDs), LGBTQIAP\+, Black/Indigenous people, and all other underrepresented groups. **For 6 consecutive years, we have been certified by GPTW as one of the best companies to work for. We also fulfill our responsibility toward security and hold ISO 27\.001\. certification.** Our culture values motivated individuals who identify with their work and feel genuinely part of our purpose. All of this is connected to the values that define our way of being: ✅ We take play seriously, but we take seriousness seriously ✅ We leak everything internally, so nothing leaks externally from our clients ✅ What is right is right ✅ Inquisitive minds **About the Role:** We seek an Application Security (AppSec) professional to support clients in building and maintaining secure, reliable, and business-aligned applications. You will be responsible for ensuring data protection and application security throughout the application lifecycle, contributing to enterprises achieving competitiveness and sustainable growth through high-quality, secure, and agile software development. **Responsibilities and Activities:** * Providing advisory support to clients; * Validating and developing security requirements and checklists; * Preparing documentation; * Emphasizing secure development lifecycle (SDL); * Defining security requirements; * Managing features under development; * Conducting code reviews and architecture reviews; * Implementing and maintaining DevSecOps pipelines; * Evaluating and challenging (if necessary) architectural decisions. **Mandatory Requirements:** Experience in: * Code Review; * Automated testing: DAST, SAST, IAST, SCA; * Programming languages; * Projects within medium- and large-sized enterprises; * Corporate security solutions: Veracode, Akamai, and open-source tools; * SDLC process maturity; * OWASP ASVS security review.
