Junior Application Security Engineer
Lisboa · Published on October 17, 2024
Description:
Noesis is looking for professionals with the following profile:
Junior Application Security Engineer with a strong interest in secure software development and a collaborative, hands-on approach. This role requires a passion for learning and an eagerness to work closely with development teams to integrate security into the development lifecycle. The ideal candidate has a developer mindset and is motivated to learn and apply security best practices within an agile development environment. You'll play a key role in supporting security initiatives, working with AppSec champions across teams, and building a strong security-first culture.
Main Tasks and Responsibilities:
Engage with development and security teams to address technical issues and implement secure development practices;
Assist in designing and supporting security architecture for applications;
Collaborate with a team of security champions to gather feedback and enhance AppSec processes;
Promote secure coding practices and provide support to development teams in integrating security within the SDLC;
Participate in code reviews and security assessments to help identify potential vulnerabilities;
Conduct basic threat modelling and support vulnerability management processes;
Assist in delivering application security training sessions and resources;
Stay informed about the latest security trends and share insights with team members;
Support AppSec pipeline integration efforts, helping teams adopt best practices;
Review application security posture and contribute to continuous improvement initiatives.
Requirements:
1 to 4 years of experience as Application Security Engineer;
Basic understanding of application security principles, with familiarity in topics such as OWASP Top Ten;
Some knowledge of secure software development lifecycle (SSDLC) practices and CI/CD best practices;
Exposure to security testing tools and techniques is a plus (e.g., Trivy, SAST, SCA tools);
Familiarity with cloud environments (AWS, Azure, GCP) and basic security concepts;
Knowledge of foundational tools: GitHub/GitLab, Docker, and Infrastructure as Code (e.g., Terraform);
Enthusiasm for learning about security standards and compliance frameworks like NIST CSF, OWASP, and CIS Controls;
Strong problem-solving skills with great attention to detail;
Effective communication and interpersonal skills, with a team-oriented approach;
An advocate for shift-left security practices, encouraging early-stage integration of security;
Interest in building a security-aware culture across development and operations;
English mandatory.
Work regime: Hybrid, Lisbon or Porto
If you meet these requirements and are interested in joining an audacious and innovative company, please send us your application.
Join us. Let's innovate together!
All our recruitment and selection processes are based on equal opportunities, valuing the competence and potential of each person and ensuring that no candidate is discriminated on the grounds of gender, ethnicity, sexual orientation, age, religion or physical condition.
#J-18808-Ljbffr