Description

APPLICATION SECURITY ANALYST

Decskill is a 100% Portuguese technological company, founded in 2014, and we currently have more than 200 employees. Decskill operates in both national and international markets, with offices in Lisbon, Oporto and A Coruña, capable to provide services to any location in the national territory.

How can Decskill be an accelerator to your career?

We currently operate in 3 major areas: outsourcing by DECSKILL; augmented reality and computer vision products and solutions, by PROSKILL; and Agile training and coaching, by GETSKILL.

The success of Decskill is built from the inside out, with talented employees and constant evolution, with innovative aspirations and a commitment to make a difference.

We are searching for an Application Security Analyst to work in Porto!

Responsibilities:

• Create, communicate, and handle the approval for application security designs created;
• To be the subject matter expert for all assigned projects and initiatives with a focus on Application Security and security controls, standards, and processes in this space;
• Create appropriate security design documents and diagrams for all projects and initiatives;
• Provide full technical feedback to Development teams based on application and system deficiencies identified during reviews by providing technical documentation outlining the security posture of reviewed solutions;
• Provide Executive level non-technical analysis to effectively illustrate the potential impact of weaknesses identified to various audiences;
• Create secure system lifecycle standards and secure coding standards based on the threat landscape and industry best practices;
• Responsible for the mapping of the entire IT/systems estates, and the assessment of the same for security gaps/flaws;
• Perform vulnerability assessment to internal and 3rdparty applications;
• Research new vulnerabilities which CIL might be exposed and develop proofs-of-concept;
• Stay aware of the threat landscape specific to CIL and adjust/draft solutions designs according to developments.

Requirements:

• Background in Information Security and Security Assessments (threat assessments, architecture reviews, penetration tests, code review);
• Degree in IT-related fields;
• Experience with DevSecOps, Cloud Environments (Azure) and automation;
• Knowledge of secure system and application design and hardening, and IT infrastructure and security-specific controls;
• Good communication skills in English.

If you’re interested in this job please send your CV in English to [email protected] with the reference “BV/ASA”.