Senior Security Engineer – AppSec, Cloud & Infrastructure

November 10

Apply Now

Receive Emails with Similar Jobs

GRAN

WebsiteLinkedInAll Job Openings

Artificial Intelligence • Data Analytics • SaaS

GRAN is a cutting-edge platform that streamlines the process of collecting and analyzing granular data from various sources, allowing businesses to make informed decisions based on real-time insights. The platform utilizes advanced analytics and machine learning techniques to transform raw data into actionable business intelligence, helping organizations optimize their operations and improve performance.

501 - 1000 employees

Founded 2012

🤖 Artificial Intelligence

☁️ SaaS

💰 Series A on 2021-05

📋 Description

• Be part of the journey that protects millions of students by building security into the code. • Work across the entire stack (application, cloud and infrastructure), strengthening AppSec, CloudSec and automation practices. • Integrate security into CI/CD pipelines, applying SAST, DAST and SCA with intelligence and efficiency. • Manage and tune WAFs (Cloudflare), mitigating attacks and protecting production applications. • Conduct threat modeling, architecture reviews and incident response. • Automate processes and build solutions using Python, Bash or Go. • Ensure security in cloud environments (AWS) and support secure AI/ML initiatives. • Continuously evolve our security standards, policies and security culture.

🎯 Requirements

• Solid experience in AppSec, Cloud Security and DevSecOps, with a broad perspective across the development lifecycle. • Hands-on experience with WAFs (Cloudflare), tuning, custom rules and attack mitigation. • Proficiency with SAST, DAST and SCA (e.g., Semgrep, Burp, ZAP, Snyk, Dependabot) integrated into CI/CD pipelines. • Knowledge of containers and cloud-native security (Docker, Kubernetes). • Ability to identify and remediate vulnerabilities in modern architectures (Web, Mobile, APIs, Microservices). • Incident response experience, with an analytical mindset and a focus on prevention. • Familiarity with threat modeling (STRIDE, PASTA, MAESTRO, OWASP Threat Dragon). • Understanding of LGPD (Brazilian General Data Protection Law), PCI-DSS and compliance best practices. • Programming and automation skills with Python, Bash or Go (advantageous). • Knowledge of AI/ML security and emerging risks in this domain (advantageous).

🏖️ Benefits

• Nationally covered Health and Dental plan fully paid by the company. • Gympass or gym reimbursement. • Posher app for self-care services. • Partnership with Sesc, providing access to cultural and leisure activities. • Meal Allowance or Food Allowance paid via the Ifood Benefits card. • Home office allowance paid via the Ifood Benefits card. • Annual bonus according to current company policy. • Extended maternity and paternity leave. • Childcare assistance. • Full scholarship for undergraduate and postgraduate studies at Gran Faculdade. • Free unlimited Gran Concursos subscription. • Gran Academy – the corporate university for GranLovers' development. • Study incentive policies supporting continuous learning. • Onboarding kit and equipment provided by Gran. • Christmas voucher in December. • Gran Baby kit to celebrate the birth of babies in the family. • M.O.M – Mom Off Moment: one additional day off per year to be scheduled with direct leadership. • Gran School Kit – school supplies assistance. • Inclusion allowance – exclusive for people with disabilities (PcD). • Petlove partnership/benefit. • Day off on your birthday. • Life insurance. • Partnership with Creditas (payroll loans, financial education and Creditas Store).