Application Security Analyst Porto

Application Security Analyst
Porto
Porto, Porto District, Portugal

Social network you want to login/join with:

About Celfocus

Celfocus is a European
- tech system integrator, providing
- edge professional services focused on creating business value through Analytics and Cognitive solutions. We address strategic opportunities across Telecommunications, Financial Services, Retail, Energy & Utilities, Pharmaceutical, and other markets.

As a highly specialized engineering company, Celfocus helps clients innovate by providing technological solutions to extract and act on data value. Serving clients in over 25 countries, we deliver solutions that enhance customer experience and operational efficiency through our Cognitive Automation, Data & Analytics, and Digital offerings.

Why Join Us?

• Make an impact: Work in sectors where technology is transformative and innovation is constant.
• Be part of a diverse team: Collaborate with professionals from various backgrounds who bring business knowledge, technical expertise, and design experience.
• Face challenges: Grow by exploring new ways of thinking and seeing the world—your energy and creativity are valued.

About the Role

We are looking to add an Application Security Analyst to our team.

Responsibilities

• Conduct analysis and threat modeling for new and existing products/projects.
• Analyze requirements and collaborate with all software development participants.
• Perform penetration testing on web applications.
• Execute manual and automated testing procedures.
• Participate in all stages of the product lifecycle development.

What We Are Looking For

• Experience as a Dev
  Sec
  Ops Security Analyst.
• Strong knowledge of security assurance tools.
• Solid understanding of CI/CD pipelines.
• Deep knowledge of vulnerabilities and security protocols.
• Basic understanding of security compliance requirements.
• Ability to work with teams including Analysts, Designers, Architects, Developers, and Dev
  Ops.
• Knowledge of HTTP and programming languages.
• Familiarity with OWASP Top 10 vulnerabilities, how to find, exploit, and fix them.
• Experience with web scanners like Burp Suite, ZAP, Acunetix, Netsparker, etc.
• Teamwork skills and a desire to grow in application security.
• Clear logic, attention to detail, and flexibility.
• Proficiency in English, especially reading technical documentation.

Nice to Have

• Knowledge of Linux or Windows OS.
• Scripting skills (Power
  Shell, Python, Bash).
• Understanding of OWASP ASVS, Testing Guide, and product planning.
• Familiarity with protocols like OAuth, JWT, websockets.
• Experience with cloud platforms (Azure, AWS, GCP).
• Experience with CI/CD tools like Jenkins, Azure Dev
  Ops, Git
  Lab.
• Penetration testing experience.

Additional qualities include adaptability, teamwork, autonomy, motivation for international projects, and willingness to travel and collaborate. We are committed to diversity and inclusion; all applicants are welcome, and accommodations will be provided as needed.