Software Security Specialist (DevSecOps / SAST)
Job description
Your responsibilities will include conducting security assessments, providing training on secure coding practices, and collaborating with IT teams to enhance security processes. We offer a permanent contract, flexible schedule, health insurance, and opportunities for training and certifications.
- Implement and manage SAST tools across the organization.
- Conduct security assessments of applications using SAST tools.
- Provide training on secure coding practices.
Skills
- DevSecOps
- SAST tools
- Secure coding practices
- CI/CD pipelines
- Container orchestration (Kubernetes/OpenShift)
- Scripting languages (Python, PowerShell, Bash)
Job description
Omega CRM Consulting is looking for a CISOC Application Security Engineer who would like to collaborate with one of the top global pharmaceutical companies.
As a member of the Cyber Intelligence & Security Operations Center (CISOC) team, you will be responsible for implementing and managing Static Application Security Testing (SAST) within our organization.
Responsibilities
- Implement and manage SAST tools across the organization.
- Conduct security assessments of applications using SAST tools.
- Provide training and guidance to development teams on the use of SAST tools and secure coding practices.
- Participate in the development and enforcement of security policies and procedures.
- Help to formulate vulnerability management frameworks & working structures.
- Perform tasks including research, classification and analysis of security events and vulnerabilities detected.
- Act as point of contact for managing & delivering various vulnerability & remediation reports.
- Work in close collaboration with the IT Team members and stakeholders to deliver and implement technology solutions in support of the business objectives to improve productivity and enhance processes and security.
- Understand the BI framework and follow defined processes. Ensure documentation requirements are met and that documentation is produced as required by the SOPs and working instructions.
- Work with various risk & information security teams in presenting vulnerability management status & updates to technology subject matter experts & management.
Requirements
- Strong background in DevSecOps and application security.
- Experience with CI/CD pipelines and container orchestration.
- Proficiency in scripting languages such as Python or PowerShell.
- Strong background in DevSecOps, application security, SAST tools, and secure coding practices.
- Experience with CI/CD pipelines (Jenkins) and container orchestration (Kubernetes/OpenShift).
- Proficiency in scripting languages (Python, PowerShell, or Bash).
Nice-to-have requirements
- Knowledge of security vulnerabilities, threat mitigation, and remediation processes (triage, prioritization, change management).
- Ability to work in international, multicultural environments with strong English communication skills.
- Solid analytical, problem-solving, teamwork, and results-driven mindset.
- Familiarity with automation, APIs, and AI in DevOps, including LLMs, agent-based systems, and workflow orchestration.
- Relevant security certifications are a plus but not mandatory.
Benefits & conditions
- Permanent contract.
- Flexible Schedule. We make it easy. Balance your professional and personal life.
- Trainings & Certifications. Improve your skills and get the official certificate from our main partners.
- Home Office.
- Flexible compensation (public transport ticket, Ticket restaurant, ...).
- Health insurance.
- OMEGA in action. Our commitment to a better society is not just an intention.