Nearshore Sector |Application Security (AppSec) Analyst

At Devoteam, we believe that technology with strong human values can actively drive change for the better. Discover how Tech for People unlocks the future, creating a positive impact on the people and the world around us.

We are a global leading player in Digital Transformation for leading organisations across EMEA, with a revenue of €1B. We believe in transforming technology to create value for our clients, partners and employees in a world where technology is developed for people. We are proud of the culture we have built together. We are proud of our people at the service of technology. We are proud of our diverse environment. Because we are #TechforPeople. Join our multidisciplinary team of Cloud experts, Designers, Business consultants, Security experts, Engineers, Developers and other extraordinary talents, spread across more than 20 EMEA countries.

Become one of our +10.000 tech and business leaders on cloud, data and cyber security. Let’s fuse creativity with technology together and build innovative solutions that actively change things for the better.

We are looking for an Application Security (AppSec) Analyst to join our team, focusing on identifying and managing application vulnerabilities throughout the Software Development Life Cycle (SDLC). This role is critical for ensuring the security of our software ecosystem, bridging the gap between security protocols and development agility. You will be responsible for operating security scanning tools and collaborating closely with development teams to implement robust remediation plans.

 

Responsibilities

• Vulnerability Management: Operate and manage security scanning tools, including SAST, SCA, IaC, and Container Scanning (specifically Veracode, GHAS, and Hackuity).

• Analysis & Prioritization: Qualify and prioritize vulnerabilities identified in code, providing actionable insights and accompanying remediation efforts with development squads.

• Security Integration: Deeply integrate security measures into CI/CD pipelines using tools like Git, Azure DevOps, and GitHub.

• Community Engagement: Foster a culture of secure coding by leading developer communities, producing awareness content, and conducting onboarding for new projects within the AppSec program.

• Coordination: Maintain autonomy in coordinating the adoption of security measures across target projects, ensuring compliance with the OWASP Top 10.

• Experience: Proven experience in Application Security, specifically in vulnerability detection and management within the SDLC.

• Technical Stack: Strong hands-on knowledge of programming languages including JavaScript, .NET (C#), Python, and Java

• Security Tools: Proficiency with SAST/SCA platforms (experience with Checkmarx or Veracode is highly valued).

• Frameworks: In-depth understanding of the OWASP Top 10 and secure coding practices.

• DevOps Culture: Familiarity with CI/CD pipelines, Git workflows, and cloud-native security concepts.

• Communication: Fluency in English (B2 level minimum) to collaborate effectively in an international nearshore environment.

Devoteam Group works for equal opportunities, promoting its employees based on merit and actively fights against all forms of discrimination. We are convinced that diversity contributes to the creativity, dynamism and excellence of our organization. All of our vacancies are open to people with disabilities.