Director Security Engineer (DevSecOps)
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
Director Security Engineer (DevSecOps): Leading technical security strategy and application security for a global wellness platform with an accent on DevSecOps pipelines and security architecture. Focus on implementing automated security tooling, driving threat modeling, and reducing MTTD through engineering and automation.
Location: Remote (Brazil). Must be based in Brazil.
Company
is a global workplace wellness platform that connects employees worldwide to fitness, mindfulness, therapy, and nutrition partners through a single subscription.
What you will do
- Lead the technical security strategy for product and application security, defining architecture standards and secure coding guidelines.
- Architect and implement a comprehensive DevSecOps pipeline integrating SAST, DAST, SCA, and container scanning.
- Drive threat modeling practices across critical product flows to mitigate risks before production.
- Design and implement a centralized security telemetry architecture connecting logs, WAF events, and fraud signals into a unified SIEM.
- Lead the technical evaluation and implementation of security tools such as PAM, API Gateway security, and container scanners.
- Mentor a team of embedded DevSecOps engineers across product verticals to ensure consistent security standards.
Requirements
- Must be based in Brazil.
- 4+ years in a senior technical leadership role in application security, cloud security, or security engineering.
- Deep expertise in SSDLC, threat modeling (STRIDE, PASTA), and security architecture for distributed systems.
- Hands-on experience with security tooling: SAST (Checkmarx, Snyk), DAST (Burp Suite), SCA, and SIEM platforms (Elastic, Splunk).
- Knowledge of cloud security (AWS and/or GCP), including IAM, VPC, and Kubernetes/EKS.
- Proficiency in at least two programming languages (Python, Go, Java, or JavaScript).
Nice to have
- Familiarity with compliance frameworks such as ISO 27001, PCI DSS, and LGPD/GDPR.
Culture & Benefits
- Free Gold+ membership for the employee and up to three family members.
- Comprehensive emotional wellbeing program (Wellz) with 52 therapy sessions per year.
- Health, dental, and life insurance.
- Flexible work options with home office reimbursement.
- 100% paid parental leave and flexible vacation policies.
- Access to personalized development roadmaps and internal career growth opportunities.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →