Назад
Company hidden
6 дней назад

Director Security Engineer (DevSecOps)

Формат работы
remote (только Brazil)
Тип работы
fulltime
Грейд
director
Английский
b2
Страна
Brazil
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Director Security Engineer (DevSecOps): Leading technical security strategy and application security for a global wellness platform with an accent on DevSecOps pipelines and security architecture. Focus on implementing automated security tooling, driving threat modeling, and reducing MTTD through engineering and automation.

Location: Remote (Brazil). Must be based in Brazil.

Company

hirify.global is a global workplace wellness platform that connects employees worldwide to fitness, mindfulness, therapy, and nutrition partners through a single subscription.

What you will do

  • Lead the technical security strategy for product and application security, defining architecture standards and secure coding guidelines.
  • Architect and implement a comprehensive DevSecOps pipeline integrating SAST, DAST, SCA, and container scanning.
  • Drive threat modeling practices across critical product flows to mitigate risks before production.
  • Design and implement a centralized security telemetry architecture connecting logs, WAF events, and fraud signals into a unified SIEM.
  • Lead the technical evaluation and implementation of security tools such as PAM, API Gateway security, and container scanners.
  • Mentor a team of embedded DevSecOps engineers across product verticals to ensure consistent security standards.

Requirements

  • Must be based in Brazil.
  • 4+ years in a senior technical leadership role in application security, cloud security, or security engineering.
  • Deep expertise in SSDLC, threat modeling (STRIDE, PASTA), and security architecture for distributed systems.
  • Hands-on experience with security tooling: SAST (Checkmarx, Snyk), DAST (Burp Suite), SCA, and SIEM platforms (Elastic, Splunk).
  • Knowledge of cloud security (AWS and/or GCP), including IAM, VPC, and Kubernetes/EKS.
  • Proficiency in at least two programming languages (Python, Go, Java, or JavaScript).

Nice to have

  • Familiarity with compliance frameworks such as ISO 27001, PCI DSS, and LGPD/GDPR.

Culture & Benefits

  • Free Gold+ hirify.global membership for the employee and up to three family members.
  • Comprehensive emotional wellbeing program (Wellz) with 52 therapy sessions per year.
  • Health, dental, and life insurance.
  • Flexible work options with home office reimbursement.
  • 100% paid parental leave and flexible vacation policies.
  • Access to personalized development roadmaps and internal career growth opportunities.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →