28 abr
|
Orienta
|
Buenos Aires
28 abr
Orienta
Buenos Aires
Postúlate en Kit Empleo: kitempleo.com.ar/empleo/oe9gj
Principal Application Security Engineer | Product Security (Remote, LATAM)
100% Remote - Open to candidates in LATAM region
Employment Type
Contractor
About Our Client
A leading cloud-native SaaS company in the Human Capital Management (HCM) space, serving a general customer base across North America, EMEA, and Asia Pacific. Their award-winning platform enables organizations worldwide to manage their workforce with efficiency, compliance, and confidence. With a strong mission of making work life better, this company is committed to its employees, customers, partners, and communities globally.
About the Opportunity
We are looking for a Principal Application Security Engineer to join their Product Security team. In this role, you will be a key driver of security across the engineering organization – leading security reviews, shaping architecture decisions, owning high‑impact initiatives, and enabling engineering teams to build with security by design. This is a senior, hands‑on individual contributor role with significant influence over the company's overall security posture.
What You Will Do
- Product Security Reviews: Lead and scale product security reviews across multiple engineering teams and services, including code reviews, threat modeling, and dynamic/static analysis. Establish patterns and reusable approaches to improve consistency and coverage.
- Architecture & Design: Serve as a security thought partner for product architects and engineers. Guide threat modeling efforts, assess technical risk, and champion security best practices throughout the SDLC.
- Strategic Initiatives:
Own high‑impact security projects that shape the future of the client's product security posture – including supply chain security automation, advanced SAST/DAST integrations, and secure development training programs.
- Vulnerability Remediation: Leverage available tools to investigate security issues, assess root causes, and design effective remediation strategies. Partner closely with engineering teams to ensure fixes align with security best practices.
- Engineering Enablement: Build frameworks, guidance, and tooling that empower engineering teams to independently build secure systems. Act as a mentor and subject‑matter expert across teams.
What You Bring
- Hands‑on experience in application or product security with a strong foundation in software engineering and secure system design.
- Technical depth in at least one modern programming language (C#, Java, or Python).
- Familiarity with secure CI/CD practices and software supply chain security.
- Cloud security expertise in Azure and/or AWS, including IAM, containerization, networking, and native security controls.
- Experience defining or scaling application security programs in a cloud‑native environment.
- Ability to analyze complex distributed and microservices‑based systems.
- Excellent communication skills – able to articulate risk and trade‑offs to both technical and non‑technical audiences.
- Experience with SAST/DAST tools, Atlassian suite, and pentesting tools such as Burp Suite and sqlmap.
- Ability to perform black‑box and grey‑box testing of web applications and APIs.
Nice to Have
- Prior experience in a SaaS or cloud‑native company.
- Contributions to open‑source security tools or research.
#J-18808-Ljbffr
Postúlate en Kit Empleo: kitempleo.com.ar/empleo/oe9gj
📌 Principal Application Security Engineer | Product Security (Remote, LATAM) (Buenos Aires)
🏢 Orienta
📍 Buenos Aires