Application Security Engineer

🕒 May 29

🗣️🇧🇷🇵🇹 Portuguese Required

Apply Now
Find Similar Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Logo of ROIT

ROIT

51 - 200 employees

Founded 2016

☁️ SaaS

📋 Compliance

🤖 Artificial Intelligence

SaaS • Compliance • Artificial Intelligence

ROIT is a Brazilian tax-technology company that provides an integrated ecosystem of SaaS solutions and AI-powered tools to help medium and large companies prepare for and manage the 2026 tax reform. Its offerings include an official tax-reform calculator that reprocesses SPED files and invoices, an Invoice-to-Pay automation suite (with ERP/SAP integrations), Tax Discovery for reclaiming taxes, regulatory consulting and education programs, and ongoing support for compliance and scenario planning.

📋 Description

• Define and evolve ROIT's Application Security and DevSecOps strategy; • Implement continuous security practices throughout the software development lifecycle (Secure SDLC); • Integrate security tools and controls into CI/CD pipelines; • Implement and evolve practices related to: SAST; DAST; SCA; Secret Scanning; Container Scanning; IaC Scanning; • Define and disseminate secure standards for: APIs; microservices; Kubernetes; cloud workloads; • Support engineering teams in identifying, prioritizing and remediating vulnerabilities; • Participate in threat modeling, architectural reviews and the definition of security controls; • Support initiatives related to ISO 27001, compliance, risk management and audits; • Monitor critical vulnerabilities, risks and incidents related to application security; • Automate security processes and controls whenever possible; • Promote a security culture across technical teams, acting in a consultative and collaborative manner; • Contribute to increasing the organization’s technical maturity in modern security practices.

🎯 Requirements

• Bachelor's degree in Computer Science, Software Engineering, Information Systems, Information Security or a related field. • Strong experience in Application Security, DevSecOps or Software Engineering Security; • Experience in cloud-native environments and distributed architectures; • Experience with CI/CD pipelines and security automation; • Knowledge of: web application security; REST APIs and authentication/authorization; Kubernetes and containers; security in AWS, Azure or GCP; OWASP Top 10; Threat Modeling; vulnerability management; • Experience with tools for: SAST; DAST; SCA; container security; secret detection; IaC security; • Knowledge of modern engineering and automation practices; • Familiarity with compliance and security frameworks, especially ISO 27001.

🏖️ Benefits

• Training • Salary • Full-time • Remote

Apply Now