RemoteLeaf Logo
Log in Sign up

Director Security Engineer | DevSecOps

1 month ago
Brazil
Full-time
Lead
Application Security Engineer
DevOps and Infrastructure
AWS Burp Suite CI/CD DevSecOps Elasticsearch GCP Go Java JavaScript Kubernetes Microservices Prisma Python Secrets Management SIEM SonarQube Splunk
Apply Now
Wellhub

Wellhub

Wellhub: An Upstream OS for data-driven decisions, optimizing production, reducing costs, and minimizing downtime in the Oil & Gas industry.

Gas Utilities
1-10
Founded 2016
View All Jobs 30

Description

  • Lead the technical security strategy for product and application security, including architecture standards, security baselines, and secure coding guidelines.
  • Architect and implement DevSecOps pipelines with SAST, DAST, SCA, and container scanning across CI/CD pipelines.
  • Drive threat modeling for critical product flows and work with engineering leaders to identify and mitigate risks before production.
  • Design and implement centralized security telemetry that unifies application logs, WAF events, and fraud signals in a SIEM platform.
  • Evaluate, select, and implement security tools for application security, SIEM/SOAR, PAM, API gateway security, and container scanning.
  • Build and mentor a team of embedded DevSecOps engineers across product verticals and provide technical leadership.
  • Own the security engineering roadmap for reducing detection and fraud response times through automation.
  • Partner with product and engineering leaders to balance rapid feature delivery with security and risk mitigation.
  • Promote a culture of shared security responsibility and wellbeing across engineering teams.

Requirements

  • At least 4 years of experience in a senior technical leadership role in application security, cloud security, or security engineering.
  • Deep expertise in secure software development lifecycle (SSDLC), threat modeling, and security architecture for distributed systems and microservices.
  • Hands-on experience with SAST, DAST, SCA, container scanning, and SIEM platforms.
  • Extensive cloud security knowledge in AWS and/or GCP, including IAM, VPC security, secrets management, and Kubernetes/EKS security.
  • Experience building and scaling DevSecOps programs and integrating security into CI/CD pipelines.
  • Proficiency in at least two programming languages such as Python, Go, Java, or JavaScript.
  • Familiarity with compliance frameworks such as ISO 27001, PCI DSS, LGPD, and GDPR.
  • Strong communication skills in both Portuguese and English.
  • Prior experience in application security engineering and DevSecOps pipeline implementation is mandatory.
  • Experience with tools such as Checkmarx, Snyk, SonarQube, Burp Suite, OWASP ZAP, Trivy, Prisma, Elastic, Splunk, or Sentinel is preferred.

Benefits

  • Free Gold membership with access to onsite gyms, studios, digital fitness programs, and wellness resources.
  • Ability to add up to three family members to the Wellhub plan.
  • Health insurance.
  • Hybrid and remote work options with a one-time home office setup reimbursement and a monthly work allowance.
  • Flexible scheduling aligned with time zones, team needs, and personal routines.
  • Minimum of 25 days paid holiday per year, plus additional tenure-based days and an extra birthday holiday.
  • 100% paid parental leave, including extended leave and a ramp-back period for birth parents.
  • Career growth support including learning platforms, interactive sessions, personalized development roadmaps, and internal opportunities.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Parachute Health

IT & Security Engineer (Contract)

Parachute Health 51-250 Health Care Providers & Services

Parachute Health is hiring a contractor for its IT & Security team to support secure, compliant, and efficient healthcare technology operations across identity, endpoint, network, and cloud security.

United States Contract Entry Level Security Engineer
AWS Bash CrowdStrike DHCP DNS GCP Git GitHub HIPAA Linux macOS OAuth PostgreSQL PowerShell Python SAML Splunk SQL TLS
4 hours, 37 minutes ago
MetroStar

Sr. Solutions Architect (DevSecOps) II (6444)

MetroStar 251-1K IT Services

MetroStar is seeking a Sr. Solutions Architect (DevSecOps) II to lead secure platform and cloud solution efforts for containerized, microservices-based environments while ensuring compliance, continuous monitoring, and incident response readiness.

United States Full-time Senior Platform Engineer Security Engineer
$166k-$202k
AWS CI/CD Cybersecurity DevSecOps Jenkins Kubernetes Microservices OpenShift SonarQube Splunk
6 hours, 3 minutes ago
Trility Consulting

Senior DevSecOps Consultant (Azure / Secrets Management)

Trility Consulting 51-250 Internet Software & Services

Trility Consulting is seeking a remote Senior DevSecOps Consultant to lead a short-term Azure security engagement focused on strengthening secrets management, application security, and repeatable DevSecOps standards across client environments.

United States Contract Lead DevOps Engineer Security Engineer
Azure CI/CD DevSecOps GitHub .NET Python Secrets Management SQL Server
6 hours, 41 minutes ago
Make-A-Wish America

Lead Manager, IT Security Engineer

Make-A-Wish America 1K-5K Diversified Consumer Services

Make-A-Wish is hiring an Information Technology Security professional to help protect the organization’s information, infrastructure, and stakeholders through enterprise security design, operations, and incident support.

United States Full-time Senior Security Engineer
$68k-$84k
Azure Windows Server
7 hours, 7 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers