Application Security Engineer

Amaris
Barcelona, Spain
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate

Job location

Barcelona, Spain

Tech stack

Bash
Python
Openshift
Powershell
Secure Coding
Security Information and Event Management
Software Engineering
Software Vulnerability Management
Scripting (Bash/Python/Go/Ruby)
Software Security
Kubernetes
Devsecops
Jenkins
Static Application Security Testing

Job description

  • Implement and manage SAST tools across the organization, ensuring effective integration into development workflows
  • Conduct security assessments of applications using SAST tools and support teams in remediation
  • Train and guide development teams on SAST usage and secure coding best practices
  • Contribute to the development and enforcement of application security policies, standards, and procedures
  • Help to define and improve vulnerability management frameworks and working structures
  • Research, classify, and analyze security events and vulnerabilities detected by tools and processes

Requirements

Amaris Consulting is seeking a DevSecOps professional in Barcelona. The role involves implementing and managing SAST tools to enhance application security and conducting security assessments. Candidates should have around 3 years of experience, proficiency in scripting languages, and good communication skills for training development teams.

This position offers the opportunity to collaborate closely with IT teams and improve application security policies. A structured mindset and professional proficiency in English are essential.

Formación

  • Around 3 years of experience in DevSecOps and application security.
  • Hands-on experience implementing and managing SAST tools.
  • Strong analytical skills to research and analyze security events.

Responsabilidades

  • Implement and manage SAST tools across the organization.

  • Conduct security assessments of applications using SAST tools.

  • Train development teams on SAST usage and secure coding practices., CI/CD pipelines Kubernetes/OpenShift Python PowerShell Bash Descripción del empleo What Would You Need?

  • Around 3 years of experience

  • Strong background in DevSecOps and application security

  • Hands-on experience implementing and managing SAST tools (Static Application Security Testing)

  • Solid understanding of secure coding practices and software development lifecycles

  • Experience working with CI/CD pipelines, ideally Jenkins

  • Knowledge of container orchestration platforms such as Kubernetes and/or OpenShift

  • Proficiency in scripting languages such as Python, PowerShell, or Bash

  • Ability to collaborate closely with IT teams, developers, and security stakeholders

  • Strong analytical skills to research, classify, and analyze security events and vulnerabilities

  • Good communication skills to train, guide, and influence development teams and present to management

  • A structured, documentation-oriented mindset, comfortable working with SOPs and defined processes

  • Professional proficiency in English (spoken and written); additional languages are a plus

Apply for this position