Job Description: **Objective** Provide specialized support in application cybersecurity throughout the software development lifecycle (SDLC), ensuring the integration of security controls at each stage of the process through the adoption of agile methodologies and DevSecOps principles. Actively collaborate with development teams to implement secure practices, automate security validations, and strengthen the security posture of business applications, both on-premise and in the cloud. **Responsibilities** Define and execute security controls in the software development lifecycle. Participate in development projects, implementations, and continuous improvement using agile methodologies. Implement automated security scans in CI/CD pipelines (SAST, DAST, SCA). Assist in secure code reviews and penetration testing for web and mobile applications. Evaluate and ensure the security of exposed/internal APIs. Collaborate with architects and developers in the secure design of solutions. Contribute to managing vulnerabilities identified in applications. Support migration and deployment projects in Cloud environments. Document processes, findings reports, and improvement recommendations. **Knowledge** **Mandatory** Experience in secure software development lifecycle (SDLC) and DevSecOps practices. Advanced knowledge in web and mobile application security. Experience in API security (REST, SOAP). Strong understanding of encryption techniques and data protection. Knowledge in ethical hacking, pentesting, and vulnerability analysis. Experience in scripting and programming languages. Familiarity with static/dynamic scanning tools and component analysis. Knowledge of security for Cloud environments (AWS, Azure). **Desirable** Security certifications (e.g. OSCP, CSSLP, CEH, etc.). Knowledge of frameworks and standards: OWASP, NIST, MITRE ATT\&CK, ISO 27001, etc. Experience with security tools such as WAF, IPS, NGFW, anti\-DDoS. Location: Hybrid, AMBA