Application Security Analyst (Mid/Senior) Lisboa

Application Security Analyst (Mid/Senior)
Lisboa
Lisboa, Lisboa, Portugal

Application Security Analyst (Mid/Senior)

Celfocus

Celfocus is a European
- tech system integrator, providing professional services focused on creating business value through Analytics and Cognitive solutions – addressing Telecommunications, Energy & Utilities, Financial Services and other sectors.

Make an impact by working for sectors where technology is the enabler, everything is
- breaking and there’s a constant need to be innovative.

Be part of the team that combines business knowledge, technological edge and design experience. Our different backgrounds and
- how are key in developing solutions and experiences for digital clients.

Face challenges and learn other ways of thinking and seeing the world - there’s always room for your energy and creativity.

About the role

Celfocus is looking to add an Application Security Analyst to join our team.

As a part of your job, you will:

1. Conduct analysis and threat modeling for new and existing Celfocus products/projects.
2. Analyze and discuss requirements; interact with all participants in the software development process.
3. Perform penetration testing on web applications.
4. Conduct both manual and automated testing.
5. Participate in the creation and development of the company's products at all stages of their life cycle.

What are we looking for?

1. Previous experience as a Dev
   Sec
   Ops Security Analyst.
2. Profound security assurance tool knowledge.
3. Profound CI/CD knowledge.
4. Profound vulnerability knowledge.
5. Basic understanding of security compliance requirements.
6. Capability to align with teams from Analysts, Designers, Architects, Developers to Dev
   Ops.
7. Knowledge of HTTP.
8. Working knowledge of programming languages.
9. Knowledge of the Top 10 OWASP vulnerabilities: how to find, exploit and fix them.
10. Knowledge of Burp Suite or other popular web scanners like ZAP, Acunetix, Netsparker, etc.
11. The desire and ability to work in a team.
12. The desire to develop yourself in the field of application security.
13. A lively and flexible mind, clear logic, a
    - oriented approach.
14. Knowledge of English at least at the level of reading technical documentation.

Nice to have:

1. Good knowledge of Linux or Windows operating systems.
2. Skills in scripting and automating your work using Powershell, Python, Bash, etc.
3. Knowledge of the OWASP Application Security Verification Standard (ASVS), OWASP Testing Guide and experience in whole product or feature planning.
4. Familiarity with various protocols and attacks against them (OAuth, JWT, websockets, etc. ).
5. Experience with public clouds (Azure, AWS, GCP).
6. Experience with pipeline Orchestrators (Jenkins, Azure Dev
   Ops, Git
   Lab CI/CD).
7. Penetration testing experience.

Ability to adapt to different contexts, teams and clients.

Teamwork skills but also a sense of autonomy.

Motivation for international projects and willingness to travel.

Willingness to collaborate with other players.

Believe this is you? Come join the Team! At Celfocus, we are committed to cultivating a diverse and inclusive workplace. As an
- opportunity employer, we welcome applicants of all backgrounds, gender identities, and abilities. We are dedicated to providing reasonable accommodations for candidates with specific needs. If you require any adjustments during the selection process, please inform our Talent Acquisition Team.