Information Security Specialist – AppSec

Job not on LinkedIn

🕒 May 25

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Flash

WebsiteLinkedInAll Job Openings

501 - 1000 employees

Founded 2018

🤝 B2B

👥 HR Tech

☁️ SaaS

B2B • HR Tech • SaaS

Flash is a platform that centralizes the management of employee benefits, personnel, and corporate expenses. It offers solutions for managing various types of employee benefits, streamlining expenses, and overseeing workforce management in an integrated manner. With its tools, Flash aims to improve efficiency and satisfaction within companies by simplifying workflows across HR and financial operations.

📋 Description

• Work closely with development teams to promote secure development practices (Secure Coding). • Support the implementation and evolution of Application Security (AppSec) and DevSecOps initiatives. • Perform security assessments of web applications, APIs, and integrations. • Identify vulnerabilities and assist teams in remediation and risk mitigation. • Participate in security-focused code reviews. • Work with security tools such as SAST, DAST, SCA and vulnerability scanners. • Support the construction of secure pipelines in CI/CD environments. • Help define standards, policies and security best practices for applications. • Participate in initiatives related to security applied to Artificial Intelligence (AI), including data protection, ensuring safe model usage and risk analysis for AI-enabled applications. • Support risk assessments related to the use of generative AI and intelligent automations within the corporate environment. • Collaborate with Engineering, Architecture, Cloud and Information Security teams to strengthen solution security. • Promote security and safe-AI awareness for technical and product teams. • Monitor trends, threats and best practices related to AppSec, DevSecOps and AI security.

🎯 Requirements

• Knowledge of Information Security with a focus on Application Security (AppSec). • Understanding of secure development and best practices based on the OWASP Top 10. • Experience or familiarity with application security testing tools: • SAST: SonarQube, Checkmarx, Semgrep. • DAST: OWASP ZAP, Burp Suite. • SCA: Snyk, Dependency-Check. • Knowledge of REST APIs, modern web applications and microservices. • Familiarity with CI/CD pipelines using tools such as GitHub Actions, GitLab CI/CD or Jenkins. • Basic knowledge of cloud computing and security in Amazon Web Services (AWS) or Google Cloud environments. • Experience with code versioning using Git. • Knowledge of containers and container security using Docker and Kubernetes. • Familiarity with cloud and container security tools such as Trivy, Wiz or Prisma Cloud. • Interest or experience in security applied to Artificial Intelligence (AI), including: • Security in the use of generative AI. • Protection of data used by AI models. • Risk assessment in AI-enabled applications. • Familiarity with frameworks and best practices such as the OWASP LLM Top 10. • Good communication skills to work closely with development, engineering and product teams. • Analytical, collaborative profile with a continuous interest in new technologies and offensive/defensive security.

🏖️ Benefits

• Flash Card (the beloved pink one!) with flexible benefits: meal, grocery, mobility, health, education, culture and wellness • Health insurance • Life insurance • Extended maternity and paternity leave + childcare assistance • Day off on your birthday 🎂 • Hybrid and flexible work model + home office allowance + in-office experiences • Exclusive partner discounts via the Flash app • TotalPass • Pet care benefit with Guapeco