Description: * Proven Experience: Demonstrated experience as a Senior Software Engineer, with focus on software security (Application Security) and data protection. * Language Proficiency: Expertise in Java 17 and Spring Boot. * Cloud Computing: Hands-on experience with AWS cloud and its core services, including knowledge of cloud security best practices. * Databases: Strong expertise in SQL and NoSQL databases, with emphasis on data security (encryption at rest and in transit). * API Security: Experience designing and implementing secure APIs, including authentication, authorization, and protection against common threats (OWASP Top 10). * Observability: Advanced knowledge of observability (monitoring, metrics, tracing, and logging) to identify and mitigate suspicious activities or security anomalies. * DevSecOps: Solid experience with DevSecOps practices, integrating security into the CI/CD pipeline. * Communication: Excellent communication and collaboration skills to engage effectively with both technical and business teams. Differentiators * Experience in Cyber Risk or Privacy-related projects or domains. * Knowledge of data privacy regulations such as LGPD (Brazil’s General Data Protection Law). * Familiarity with security frameworks and standards (NIST, CIS, ISO 27001). * Experience with static (SAST) and dynamic (DAST) application security testing tools. * Secure Systems Development: Design, develop, and maintain robust and secure systems by embedding security and privacy best practices throughout the entire software development lifecycle. * Data Protection: Implement solutions for protecting sensitive data—including encryption, anonymization, and access control—in compliance with privacy regulations such as LGPD. * Technical Security Leadership: Serve as a technical reference for the team, ensuring adoption of security standards and conducting code and architecture reviews focused on vulnerabilities. * Collaboration and Compliance: Collaborate with Information Security, Legal, and Business teams to translate security and privacy requirements into efficient technical solutions. * Incident Response: Contribute to defining and implementing security incident response strategies, ensuring system resilience. * Continuous Improvement: Participate across the full software development lifecycle, continuously enhancing the security posture of our products and services. * Mentoring: Support and mentor junior and mid-level engineers, sharing knowledge on secure development and privacy. 2512040202181900824