SecOps Engineer (AppSec)
Vitória, Espírito Santo
Tech and IT Operations - America – Security Ops - Americas /
Full-time /
Remote
WHO WE ARE
At Trustly, we’re on a mission to deliver a better way to pay and get paid. Consumers deserve a payment option that prioritizes financial responsibility, and merchants should have the independence to accept payments without unnecessary costs. This mission drives everything we do.
We’re revolutionizing the payments industry by making Pay by Bank the new standard at checkout, providing a smarter payment option to credit and debit cards. For merchants and consumers, this means the freedom to make and receive payments with greater security and ease.
Fueled by this purpose, we’ve grown into a global network connecting 9,000 merchants to 650 million consumers through 12,000 banks across 33 countries, processing over $58 billion annually. As the leader in Pay by Bank, we aim to redefine the payments experience by delivering exceptional products and unmatched value.
With regional offices in Vitória, Brazil and Silicon Valley, USA, and our global headquarters in Stockholm, Sweden, we are a diverse team that spans over 30 nationalities. Embracing a culture of innovation and collaboration, our 'work from anywhere' policy allows employees in Brazil, the U.S., and Canada to work remotely within their country of residence, enabling flexibility while staying connected to our global team.
At Trustly, we believe that inclusion and diversity are essential foundations for building a fair and equitable society. We do not discriminate based on race, religion, ancestry, color, national origin, gender identity, sexual orientation, age, citizenship, marital status, or disability status. Our main goal is to provide a fair, welcoming, diverse environment with opportunities for all collaborators. The stages of our selection process take place online and without distinction of any kind.
Now is the perfect time to join us and help accomplish our mission. If you’re inspired by purpose, thrive in a fast-paced and entrepreneurial environment, and are ready to shape the future of payments, we’d love to hear from you!
About the team
The SecOps team is responsible for design and implementation of security tools and processes targeting the tools and the platform, such as incident management, root cause analysis, application security, endpoint security, Cloud Security Governance,Kubernetes Security and Deployments.
What you will do:
- Protect the confidentiality, integrity, and availability of applications, services, data, and cloud infrastructure.
- Identify, analyze, and mitigate vulnerabilities.
- Provide support, guidance, and education to the DevOps Team, application owners, and other areas.
- Plan, manage, and execute remediation efforts.
- Assist with the development of application security test plans.
- Research, evaluate, and recommend new and existing tools and techniques.
- Collaborate with threat detection and incident response when responding to security threats.
- Provide documentation on vulnerability and risk analysis for security audits.
- Develop and implement application security processes, including identifying application security weaknesses, developing security strategies, and performing penetration tests
- Develop and implement security-related standards, policies, and procedures
- Analyze security data to identify and mitigate potential threats
- Perform internal security audits
- Conduct internal penetration tests and vulnerability assessments, as well as develop remediation plans for findings
- Create and manage risk analysis documentation
- Manage the development of security metrics and reports
- Manage the architecture and implementation of information security best practices
- Maintain a security engineering knowledge base
Who you are:
- Graduation complete or in progress in IT courses or related areas.
- Previous experience as an AppSec Engineer or Penetration Tester with Cloud Security capabilities.
- Experience in reviewing and implementing internal processes and controls, and managing security projects.
- Knowledge in cybersecurity, with focus on cloud security, infrastructure, and monitoring;
- Previous experience with Amazon AWS;
- Knowledge of the PTES, OSSTM, OWASP, and NIST CSF.
- Offensive security certifications like OSCP, eCPPT or, others will be a plus.
- Advanced English.
Our perks and benefits:
- Bradesco health and dental plan, for you and your dependents, with no co-payment cost;
- Life insurance with differentiated coverage;
- Meal voucher and supermarket voucher;
- Home Office Allowance;
- Wellhub - Platform that gives access to spaces for physical activities and online classes;
- Trustly Club - Discount at educational institutions and partner stores;
- English Program - Online group classes with a private teacher;
- Extended maternity and paternity leave;
- Birthday Off;
- Flexible hours/Home Office - our culture is remote-first! You can work in every city in Brazil;
- Welcome Kit - We work with Apple equipment (Macbook Pro, iPhone) and we send many more treats! Spoiler alert: Equipment can be purchased by you according to internal criteria!;
- Annual premium - As a member of our team, you are eligible to receive an annual bonus, at the company's discretion, based on the achievement of our KPIs and individual performance;
- Referral Program - If you refer a candidate and we hire the person, you will receive a reward for that!
Check out our Glassdoor or our Brazil Life page on Linkedin for more details about Brazil, our culture, and much more.
#LI-Remote
#LI-CHERRYNE-TRUSTLY
At Trustly, we embrace and celebrate diversity of all forms and the value it brings to our employees and customers. We are proud and committed to being an Equal Opportunity Employer and believe an open and inclusive environment enables people to do their best work. All decisions regarding hiring, advancement, and any other aspects of employment are made solely on the basis of qualifications, merit, and business need.
