DevSecOps Analyst, Senior

Job not on LinkedIn

November 1

Apply Now

Receive Emails with Similar Jobs

NDD Tech | Brasil

WebsiteLinkedInAll Job Openings

SaaS • B2B • Cybersecurity

NDD Tech | Brasil is a SaaS company offering NDD Orbix, a cloud platform for monitoring, managing and optimizing workspace devices and services — including printers, thermal printers, desktops/laptops, label printers and IoT collectors. The platform provides print fleet management, remote installation and queue administration, supplies and predictive replenishment, print control (quotas, secure release, scanning workflows), software and vulnerability monitoring, API integrations and ML-driven analytics to reduce costs, improve uptime and support ESG goals. NDD Tech serves manufacturers, integrators and service providers with high-availability, B2B solutions that centralize device operations, increase profitability and strengthen security and compliance.

501 - 1000 employees

☁️ SaaS

🤝 B2B

🔒 Cybersecurity

📋 Description

• Support development teams in identifying, remediating and preventing vulnerabilities in code and dependencies. • Execute and automate SAST, DAST and SCA analyses in CI/CD pipelines (Azure DevOps). • Assist in defining and evolving secure coding standards, code review processes and DevSecOps practices. • Maintain and enhance tools such as SonarQube, Trivy, OWASP Dependency Check, Gitleaks and SBOM generation. • Support integrating security into the software development lifecycle (SDLC) and Shift-Left Security initiatives. • Analyze and prioritize automated scanner results, correlating findings with business criticality and context. • Collaborate with the security team and technical leaders to define AppSec policies, standards and guidelines. • Participate in trainings, internal awareness campaigns and technical reviews, promoting best practices among product teams. • Support the incident response team in investigating vulnerabilities in applications and APIs.

🎯 Requirements

• Experience in software development (C#, .NET, Node.js or similar). • Knowledge of OWASP Top 10, CWE and Secure Coding practices. • Experience with application security tools (SAST, DAST, SCA, secret scanning). • Hands-on experience with Azure DevOps and CI/CD pipelines. • Experience with SonarQube, Trivy, OWASP Dependency Check, Gitleaks and SBOM generation. • Familiarity with containers, Kubernetes and image analysis. • Knowledge of version control (Git). • Ability to translate technical risks into business impact.

🏖️ Benefits

• Annual bonus: up to 3.3 months' salary; for commercial roles, a performance-based OTC commission model. • Career plan: feedback culture with 360° performance reviews; internal recognition program and close management with regular 1:1 meetings. • NDD with You: financial education program, psychological counseling, legal advice and social support. • Health: Unimed health plan and life insurance; flu vaccination support and wellness initiatives. • Meals: meal allowance; unlimited coffee and fruit in the office. • Well-being: relaxation space with leisure area, barbecue and games. • SESC partnership: access to cultural, educational and tourism benefits. • Education: tuition assistance; support for learning new languages; sponsorship to attend industry events; certification support. • Transport: transportation voucher; on-site parking and bicycle parking. • Flash Card: credits for internal engagement activities, including during your birthday month. • Working hours: 40 hours per week / flexible schedule. • Diversity & Inclusion (#ESG).