Job Summary: We are seeking a DevSecOps specialist to ensure security throughout the entire product lifecycle, promoting a secure and collaborative development culture. Key Highlights: 1. Serve as the technical DevSecOps reference for product squads and tribes 2. Promote a secure development culture oriented toward risk 3. Work in an innovative and challenging environment If you seek a company with an innovative and challenging environment that encourages creativity and autonomy to overcome barriers and achieve results, you can join our #CrazyForPoints team! Our incentive and loyalty solutions include hundreds of thousands of products and services, and our professionals are central to the Livelo ecosystem — true agents driving our purpose and vision: **we add happiness to everyday choices to deliver, for each person, the best reward.** **All our open positions are open to everyone, regardless of gender, age, ethnicity, race, sexual orientation, or disability.** **Job Mission:** Ensure security from the outset of the product and service lifecycle, promoting a secure, collaborative, and risk-oriented development culture by working with development teams, operations teams, and other security structures to build secure pipelines, automate controls, mitigate vulnerabilities, and reinforce the Security by Design culture across the organization. **Responsibilities and Duties** ----------------------------------- * + Serve as the technical DevSecOps reference within product squads and tribes; + Implement, configure, and maintain security tools in CI/CD pipelines (SAST, DAST, SCA, IaC scanning, secrets detection, etc.). + Develop and automate scripts and integrations for vulnerability detection and remediation in repositories and runtime environments. + Collaborate with development teams to review code, define secure standards, and support vulnerability remediation. + Conduct threat modeling and participate in architecture reviews to proactively identify security risks. + Integrate security controls into GitLab, GitHub Actions, Jenkins, or similar pipelines. + Monitor and respond to security alerts generated by DevSecOps tools and platforms. + Lead proof-of-concepts (PoCs) and evaluate new security solutions and technologies for the development lifecycle. + Create and maintain technical documentation on security integrations, workflows, and development procedures. + Support security incidents related to applications, code, and infrastructure-as-code. **Requirements and Qualifications** ------------------------------ * Bachelor’s degree in Computer Science, Computer Engineering, Information Systems, or related fields. * Minimum of 5 years of hands-on experience applying security practices to development pipelines and automating DevSecOps processes. * Experience with security tools: Veracode, Snyk, SonarQube, Checkmarx, Trivy, Aqua, etc. * Knowledge of vulnerability analysis for web applications, APIs, and infrastructure. * Experience with code repositories and version control (Git, GitLab, GitHub, Bitbucket). * Postgraduate degree or MBA in Information Security, Software Engineering, or related fields is desirable. * Relevant courses and certifications in DevSecOps, Cloud Security, or Secure Coding. * Strong verbal and written communication skills; * Collaborative mindset; * Strong interaction with non-technical areas. #### **WHAT DO WE OFFER?** * Alelo Food and Alelo Meal benefits; * Mobility benefits for hybrid work models (Public Transportation Voucher, Shuttle Reimbursement, Fuel Voucher, and Toll Voucher); * Alelo Culture benefit; * Private Pension Plan; * Profit Sharing Program (PPR); * Bradesco Health and Dental Insurance; * Daycare/Babysitter allowance; * Zenklub; * Gympass/Wellhub; * Life Insurance; * Livelo Points rewards, plus discounts on our products; * Education Incentive (postgraduate programs, MBAs, and English courses) after 1 year of employment; * Birthday Day Off for employees and Half-Day Off for children’s birthdays; * Happy Friday (leave 1 hour earlier on Fridays) and Summer Dreams (leave 4 hours earlier on summer Fridays); * On-site massage, manicure, and barber services; * Coffee and fruits in the office; * Recognition Program; * A creative, challenging, and relaxed work environment recognized as one of the best places to work by GPTW 2025.