Security Consultant

For the SDLC function within the CISO department, we are looking for a person with the following profile:

Responsibilities:

• Governance and management of vulnerabilities in containers (Docker, Kubernetes).
• Risk assessment of new applications from the design phase (Threat Modeling).
• Management and tracking of code vulnerabilities: library analysis (SCA), static code analysis (SAST), and dynamic analysis (DAST).

Requirements:

• Experience in software development.
• Knowledge of Docker, Kubernetes, and container ecosystems.
• Experience with security code analysis tools and container scanning.
• Interest in cybersecurity and willingness to learn about new threats and solutions.
• Good communication and teamwork skills.
• Desirable: experience with SDLC processes, security standards, and cloud platforms (AWS, Azure, GCP).

We value:

• Cybersecurity certifications (e.g., OSCP, CKA, CKS, CISSP, etc.).
• Proactivity, technical curiosity, and continuous learning ability.
• Experience in banking, fintech, or regulated sectors.

Important

Project Overview:

- Focus: Code security analysis and fixing vulnerabilities in containers.

- Tools: Advanced security tools, including SAST for analysis.

- Scope: Identifying and addressing vulnerabilities in library code (SCA), static code (SAST), and dynamic code (DAST)..

- Cybersecurity.

Candidate Requirements:

- Role: Analyst 1

- Experience: 2–3 years of experience.

- Technical Skills:

- Experience in SDLC processes and security regulations.

- Knowledge of cloud environments (AWS, Azure, or GCP).

- Knowledge of Java and Python is an added advantage.

- Languages: English is mandatory; Spanish is a \"nice to have.\"

The candidate has a good attitude.