Application Security Engineer - SSDLC & Threat Modeling

• Ensure products are secure from threats throughout the development lifecycle.
• Develop new rules in the SAST tool.
• Strengthen Threat Modeling and SSDLC capabilities.
• Collaborate in creating code security related automatisms.
• Work directly with development teams to align SSDLC processes.
• Develop the 'Security Champion' role within development teams.

A leading digital services firm in Spain is seeking an Application Security Engineer to ensure the security of products through the software development lifecycle. The ideal candidate will have experience with SAST tools, a deep understanding of SSDLC, and excellent communication skills in English and Spanish. This role offers opportunities for professional growth within an agile environment supported by a renowned financial institution. The company provides competitive remuneration, an attractive benefits package, and a great working atmosphere., * Experience with SAST tools such as GHAS, Checkmarx, Fortify, Veracode.

• Deep understanding of Secure Software Development Life Cycle (SSDLC).
• Experience implementing Continuous Integration/Continuous Deployment (CI/CD) pipelines.
• Knowledge of threat modeling, Github Actions, Infrastructure as Code (IaC), OWASP top 10, AWS including Lambda and CloudFormation.
• Excellent communication skills for interacting with development teams and stakeholders in English and Spanish.
• Organized and detail-oriented approach to work., Experience with SAST tools such as GHAS, Checkmarx, Fortify, Veracode Deep understanding of SSDLC Experience implementing CI/CD pipelines Knowledge of threat modeling process Excellent communication skills in English and Spanish Organized and detail-oriented approach Descripción del empleo

Competitive remuneration Attractive benefits package Possibility of growth within the company Excellent work environment Social clubs and frequent events