DevSecOps Lead
Social network you want to login/join with:
Boost IT is a Portuguese technology consultancy company, integrated into one of the most entrepreneurial groups in Portugal, with investments in more than 30 companies.
We aim to be known as the most dynamic, energetic, and reliable company in the market, and for that, we want to count on you.
If you're passionate about technology and eager to work on the most relevant technology projects, then this ad could be for you!
Boost IT. Doing IT. Better
Tasks
- Do you love solving complex technical issues and interacting with people?
- Design and implement security architectures for software applications;
- Interact with the security champions guild to gather feedback to improve security practices;
- Develop and enforce secure coding practices across development teams;
- Collaborate with development teams to ensure adherence to secure software development lifecycle (SDLC) practices;
- Provide guidance on security assessments and code reviews to identify vulnerabilities;
- Conduct threat modeling exercises;
- Guide and train developers on application security best practices;
- Stay updated with the latest security trends and technologies;
- Validate App
Sec pipeline adoption and address blockers for widespread implementation; - Review application lifecycle and validate its security posture.
Requirements
- We don’t expect supermen or wonder women, but we do have some requirements.
- Developer at heart, not just a security specialist.
- Need to speak and breathe Dev
Sec
Ops. - Think security, development, and operations at scale and automated.
- Ability to manage a team of security experts while being a team player.
- Assist teams in identifying and managing a security champions guild.
- Responsible for interacting with champions to evangelize and promote application security best practices.
- Strong knowledge of application security principles and practices, including OWASP.
- Familiarity with security libraries, controls, and common software security practices.
- Knowledge of SSDLC and CI/CD best practices.
- Experience with security testing tools and methodologies.
- Familiarity with cloud environments (AWS, Azure, GCP) and Zero Trust architecture.
- Tools and tech stack: Terraform/Ia
C, Git
Hub/Git
Lab, Docker, Zero Trust, CI/CD pipelines, Trivy/Anchore,
- native architectures, Python, Node. js. - Knowledge of industry compliance and security standards including NIST CSF, NIST SP800-53, QNRCS, NIS 2. 0, OWASP, CIS Controls, MITRE ATT&CK, and ISO 27000 series.
- Excellent
- solving skills and attention to detail. - Strong communication and interpersonal skills.
- Ability to bridge Cloud & Dev
Ops, SOC, GRC, and delivery areas. - Foster a culture and awareness of application security.
Boost IT. Doing IT. Better
Boost IT was founded in 2018 with the core belief that technology can be used to elevate people and improve the world.
#J-18808-Ljbffr- Informações detalhadas sobre a oferta de emprego
Empresa: TN Portugal Localização: Lisboa
Lisboa, Lisboa, PortugalPublicado: 23. 5. 2025
Vaga de emprego atual
Seja o primeiro a candidar-se à vaga de emprego oferecida!