Azure Application Security Engineer – Mid-level

Job not on LinkedIn

3 days ago

Apply Now

Receive Emails with Similar Jobs

Compass

WebsiteLinkedInAll Job Openings

Real Estate • Media

Compass is a real-estate-focused content and services site that provides detailed market analysis, buying/selling/renting guides, mortgage and financing information, and home improvement and renovation advice. The site offers resources for homebuyers, sellers, renters, agents, and real estate investors — including articles on appraisals, affordable housing, investment strategies, staging and property maintenance. Compass aims to help users make informed decisions across the housing lifecycle through timely market updates and practical how-to content.

10,000+ employees

🏠 Real Estate

📱 Media

📋 Description

• Implement Secure SDLC practices for applications developed in .NET, ensuring security at all stages of the software development lifecycle; • Integrate and operate SAST, SCA, and DAST tools within Azure DevOps pipelines; • Use GitHub Security / Advanced Security features (CodeQL, Dependabot, Secret Scanning, Alerts) to strengthen application security; • Conduct security audits and penetration tests (pentests) on web applications, APIs, and microservices; • Identify, validate, and prioritize vulnerabilities using standards such as OWASP, CWE, and CVSS; • Support squads in remediating vulnerabilities by providing clear, actionable technical recommendations; • Work with the DevOps team to implement security controls and continuous improvements in CI/CD pipelines; • Perform secure code reviews for .NET modules and REST APIs; • Collaborate with architecture and engineering teams to strengthen the security of Azure workloads (Key Vault, App Services, Entra ID, API Management); • Harden containers, pipelines, and related environments; • Participate in Threat Modeling sessions, contributing to early risk identification and the definition of countermeasures.

🎯 Requirements

• Bachelor's degree or postgraduate degree (specialization, Master's, or PhD) in Information Technology; • Proven professional experience in the technology field (CLT and/or contractor/consultant experience); • Experience with Secure SDLC practices and application security; • Familiarity with SAST, SCA, and DAST tools integrated into Azure DevOps pipelines; • Knowledge of GitHub Security / Advanced Security (CodeQL, Dependabot, Secret Scanning, Alerts); • Experience conducting pentests, security audits, and vulnerability analysis for web applications and APIs; • Proficiency with frameworks and standards such as OWASP, CWE, and CVSS; • Experience performing code reviews for .NET applications and REST APIs; • Knowledge of security for Azure workloads (Key Vault, App Services, Entra ID, API Management); • Experience with hardening containers, pipelines, and infrastructure; • Ability to collaborate with squads, DevOps, and architecture teams, with strong communication skills and a collaborative mindset;

🏖️ Benefits

• Don't meet all the requirements for the role? • That's okay! At Compass UOL, we encourage the continuous development of new talent and turn challenges into opportunities.