Application Security Engineer

dLocal

  • Buenos Aires
  • Permanente
  • Tiempo completo
  • Hace 8 horas
**Why you should join dLocal?**dLocal enables the biggest companies in the world to collect payments in 40 countries in emerging markets. Global brands rely on us to increase conversion rates and simplify payment expansion effortlessly. As both a payments processor and a merchant of record where we operate, we make it possible for our merchants to make inroads into the world’s fastest-growing, emerging markets.By joining us you will be a part of an amazing global team that makes it all happen, in a flexible, remote-first dynamic culture with travel, health, and learning benefits, among others. Being a part of dLocal means working with 800+ teammates from 25+ different nationalities and developing an international career that impacts millions of people’s daily lives. We are builders, we never run from a challenge, we are customer-centric, and if this sounds like you, we know you will thrive in our team.**What’s the opportunity?**:- Implement a software assurance model designed to address security defects early in the delivery pipeline
- Perform security design reviews for new features and product releases
- Perform code reviews and advise developers on remediation techniques
- Design controls to detect and respond to common attacks on our platform
- Triage and respond to external inquiries around security vulnerabilities
- Facilitate internal training on various security topics to raise awareness and interest**What skills do I need?**:- Strong proficiency in at least one programming language like Java and/or NodeJS and also knowledge in any scripting languages
- Hands-on experience working with developers in building a software assurance model
- Experience designing secure web services, APIs and microservice architectures
- Familiarity with threat modeling frameworks in cloud-base environments (OWASP, STRIDE, MITRE, etc)
- Familiarity with implementation and maintenance of SAST/DAST/IAST/SCA security sensors in a development pipeline
- Understanding of a complete SDLC and how to make it secured (S-SDLC)
- Familiarity with Cloud platforms (AWS or equivalent)
- Ability to lead people to problem resolution when it comes to Security (Integrate teams, specially Engineering Team)
- Effective written and oral communication involving both business and technical sides of the business
- Quickly identify issues and solve them
- Ability to present technical risks to broader audience (both written and spoken);
**Nice to have!**:- Certified in any related security development certifications like CSSLP, CASE or others
- Exposure to PCI-DSS framework or any other relevant security standard will be valued
- Extensive knowledge of security architectures, both monoliths and microservices, including how they are developed and operate at scale
- Have had developed a personal or enterprise software/script with focus on security (exploitation of vulnerabilities, hardening automation, API integration for security;**What happens after you apply?**Also, you can check out our webpage, Linkedin, Instagram, and Youtube for more about dLocal!

Kit Empleo