Key skills
AWSCloudCyber SecurityJavaJavaScriptPythonReactSDLCC#CLeadershipOWASPPenetration TestingCloud SecurityWAF
About this role
Role Overview
- Act as the security architect for public applications hosted on AWS;
- Define security standards for edge security, identity, segmentation, observability, and application resilience;
- Influence the corporate cloud security strategy, balancing security, scalability, and operational efficiency;
- Collaborate with cloud architects and DevOps teams to identify and remediate insecure configurations;
- Develop strategies for implementing WAF, CNAPP, and CSPM integrated into the organization’s security framework;
- Evaluate new AWS security services and capabilities and translate them into architecture and governance standards;
- Establish security guidelines and best practices for software development based on industry frameworks;
- Serve as the technical reference for application security during corporate projects;
- Work with development teams to integrate security throughout all phases of the SDLC;
- Identify, prioritize, and define mitigation strategies for application vulnerabilities;
- Integrate security tools, processes, and automations into the DevOps pipeline (DevSecOps);
- Define robust authentication and authorization requirements, including privilege and access controls;
- Continuously monitor threats, public vulnerabilities, and trends in the security community;
- Actively participate in projects, technical forums, and change processes to ensure security by design;
- Promote secure design practices and data integrity across users, applications, and infrastructure;
- Develop and strengthen a culture of security champions within development teams;
- Participate in and lead technical discussions in security forums and meetings;
- Build relationships with stakeholders to sustain security initiatives;
- Engage in information security projects following leadership guidance.
Requirements
- Experience in cybersecurity with a focus on web application security or security architecture;
- Experience protecting applications and environments on AWS;
- Experience in penetration testing, secure code review, and static and dynamic code analysis;
- Experience identifying and mitigating OWASP vulnerabilities;
- Familiarity with web application scanning tools;
- Strong software development background (Java, Python, C#, among others);
- Experience with web technologies and frameworks (REST, JSON, XML, JavaScript, React);
- Experience securing internal and third-party APIs;
- Background in DevOps and public and private cloud environments;
- Experience implementing and managing Web Application Firewalls (WAF);
- Knowledge of CNAPP and CSPM;
- Solid understanding of network and web protocols;
- Experience with technical documentation;
- Proven ability to communicate security risks to the business;
- University degree, preferably in a technical or analytical field;
Tech Stack
- AWS
- Cloud
- Cyber Security
- Java
- JavaScript
- Python
- React
- SDLC
Benefits
- Multi-benefit card – you choose how and where to use it.
- Study grants for undergraduate, graduate, MBA, and language courses.
- Incentive programs for professional certifications.
- Flexible working hours.
- Competitive salaries.
- Annual performance review with a structured career plan.
- Opportunity for international career mobility.
- Wellhub and TotalPass.
- Private pension plan.
- Childcare assistance.
- Health insurance.
- Dental insurance.
- Life insurance.