Browse
···
Log in / Register
Job Summary: We are seeking a senior Application Security professional to lead security testing, validation of requirements, and software certification in banking and financial environments. Key Highlights: 1. Lead security and software certification testing 2. Support and accompany the Secure Software Development Life Cycle (SSDLC) 3. Classify vulnerabilities using CVSS 4.0 and generate reports At **Devsu**, we seek a senior **Application Security** professional to lead the execution of security testing, validation of non-functional requirements, and software certification in banking and financial environments. **This position is remote for candidates across LATAM and hybrid for those based in Quito, Ecuador; you will be assigned to one of our most important clients in the Latin American financial and banking sector.** ### **RESPONSIBILITIES** * Execute security testing on applications (Front-end, Back-end, APIs, databases, integrations, infrastructure, cloud, mobile, AI/LLM, plugins, and additional components). * Validate compliance with non-functional security requirements defined by Architecture. * Support and accompany the Secure Software Development Life Cycle (SSDLC). * Define and document security test cases prior to execution, aligned with established standards. * Classify vulnerabilities using the CVSS 4.0 methodology. * Generate detailed technical reports containing findings, evidence, and remediation recommendations. * Prepare executive reports and compliance metrics for technical and business stakeholders. * Deliver enablers for effective vulnerability management and closure. * Track the effectiveness of implemented remediations. * Provide support during security incidents, Bug Bounty programs, and threat hunting activities. * Review risk matrices with a cybersecurity focus. * Integrate security guidelines into Tribe, COE, and strategic project initiatives. * Implement monitoring and alerting mechanisms to identify deviations or non-compliance. * Promote continuous improvement, innovation, and operational agility from an Application Security perspective. * Support the execution of strategies defined by the Application Security team. **Requirements** * University degree in Systems Engineering, Computer Science, or Cybersecurity. * Postgraduate degree in Cybersecurity or Information Technologies. * Certifications in offensive security or application assurance (HTB CWES, HTB CPTS, eWPTX, CSSLP, CPENT, OSCP, OSWE, LPT, CEH Master, BSCP). * Proven experience in the Secure Software Development Life Cycle (SSDLC). * Experience validating non-functional security requirements. * Experience executing security testing on: * + Front-end and Back-end applications + APIs and integrations + Databases + Infrastructure and cloud environments + Mobile applications + AI / LLM + Plugins and additional components * Proficiency with the CVSS 4.0 calculator for vulnerability classification. * Experience generating technical and executive reports with remediation recommendations. * Experience in vulnerability management and tracking. * Structured documentation of test cases and validation of remediation effectiveness. * Experience working under agile methodologies. * Experience with banking platforms and systems. * Experience providing support during security incidents and Bug Bounty programs. * Knowledge of risk matrices with a cybersecurity focus. * Ability to generate metrics, KPIs, and executive reports. * Experience implementing compliance monitoring and alerting mechanisms. * Experience collaborating with Tribes, COEs, and business units from an Application Security perspective. **Benefits** At **Devsu**, we believe in creating an environment where you can **thrive both personally and professionally**. By joining our team, you’ll gain access to benefits designed to support your holistic development and well-being: * **Long-term stable employment contract**, with ample opportunities for **professional growth**. * **Private health insurance**, for your peace of mind and that of your family. * **Ongoing training, mentoring, and learning programs**, keeping you up-to-date with the latest technologies and methodologies. * **Free access to AI training resources** and state-of-the-art AI tools to enhance your daily work. * **Flexible paid time off (PTO) policy**, in addition to **paid public holidays**. * Participation in **challenging, world-class software projects** for clients in the **United States and Latin America**. * Collaboration with some of the region’s **most talented software engineers**, within a **diverse, inclusive, and collaborative environment**. Join Devsu and discover a workplace that values your growth, supports your well-being, and empowers you to make a global impact.
