Application Security and Compliance Engineer

DSR Corporation

  • Porto
  • Permanente
  • Horário completo
  • Há 22 dias
  • Aplicar facilmente
Do you love cutting-edge tech and are passionate about engineering? Then this opportunity might be perfect for you!About DSR CorporationDSR Corporation has been the ideal end-to-end solution provider for hundreds of companies, from startups to the Fortune 500, since 1998. Since then, DSR has blossomed into 11 technical divisions, with highly-skilled, technologically-agnostic engineering resources and services in full-stack web, embedded, mobile, wireless, big data / analytics, scalable databases, system software, digital media, SSI / blockchain, and AI / computer vision. Our fully-managed teams and deep technical expertise enable us to provide world-class custom software solutions of any scale and complexity. This approach has allowed us to serve industry leaders like Netflix, Nordic Semiconductor, Seagate, Legrand, EDF, Amazon, Sysgo, and many others. The company has offices located around the world including Denver, Porto, Voronezh, Yokohama-city, and Tashkent.Among our own products are ZBOSS, the Zigbee software protocol stack for IoT devices, zHome framework for smart home solutions (mobile app, back-end, IoT gateway), ZBOSS Open Initiative to maintain and improve the market-leading Zigbee® PRO software platform together with heavyweight IoT market players. DSR's wholly-owned subsidiary, Noema, focuses on delivering the most up-to-date and reliable AI and Computer Vision solutions for security, manufacturing, retail, healthcare and smart homes/cities businesses.Join our multinational team of seasoned software engineers! We're passionate about tackling complex tasks and sharing our unique software development expertise, accumulated over 25 years. With well-established workflows and transparent career paths, we're geared to boost your professional growth, regardless of your current experience level.Let's change our world for the better by doing software right!| | | |Job DescriptionWe are currently looking for a Security Compliance Engineer to ensure IT systems, processes, and policies align with industry standards, regulatory requirements and security best practices. This role involves conducting risk assessments, implementing compliance requirements and working with software development teams to maintain and improve practical side of software security.Responsibilities:
  • Lead compliance efforts for frameworks such as SOC 2, ISO 27001, NIST, GDPR, HIPAA, PCI-DSS, CCPA and other relevant standards
Conduct gap assessments and implement remediation plans to meet compliance requirements.Maintain documentation, policies, and procedures to support audits and certifications. * Assist in vulnerability management, penetration testing, and security monitoring.
  • Work with development teams to implement security controls and mitigate risks.
  • Develop, update, and enforce security policies, standards, and guidelines.
  • Train teams on compliance requirements and security best practices.
Requirements:
  • 3+ years of experience in Web Application Software Development
  • 3+ years in security compliance, risk management, or Web Application Security
  • Hands-on experience with compliance frameworks (e.g., SOC 2, ISO 27001, NIST, GDPR).
  • MS (preferred) or BS degree in Computer Science or equivalent work experience
  • Strong understanding of secure software development principles (secure coding, authentication, encryption).
  • Strong understanding of OWASP Top 10 and CWE Top 25.
  • Hands-on experience with penetration testing and vulnerability assessment tools (e.g., Burp Suite, OWASP ZAP, Metasploit, Nmap, Snyk).
  • Strong problem-solving skills.
  • Technical leadership experience
  • Experience working in distributed team
  • Fluent English
Skill Keywords:
  • Security Compliance
  • Regulatory Compliance
  • ISO 27001
  • SOC 2
  • NIST
  • GDPR
  • HIPAA
  • PCI-DSS
  • Risk Assessment
  • Audit Management
  • Vulnerability Management
  • Penetration Testing
  • Cloud Security (AWS/Azure/GCP)
  • IAM (Identity & Access Management)
  • SIEM (Security Information & Event Management)
  • GRC (Governance, Risk, Compliance)
  • Policy Development
  • OWASP ASVS
  • Secure Design
  • Secure Coding
  • Web Application Security
  • Cloud Security
  • API Security
  • Threat Modeling
  • Security Automation
  • Linux
  • Windows
What we offer:
  • Competitive salary and great benefits.
  • Accelerated career growth.
  • Flexible schedule and remote-friendly policy.
  • Office in the center of Porto.
  • Employer-sponsored health insurance.
  • Strong work-life balance emphasis.
  • Extra holidays.
Powered by JazzHR

DSR Corporation

Empregos similares

  • Cyber Security Operations Engineer (m/f/d)

    Hays

    • Porto
    Principais responsabilidades Garantir a segurança dos sistemas e dos dados da empresa e dos clientes, assegurando confidencialidade, integridade e disponibilidade através da anál…
    • Há 2 mêses

  • Cyber Security Operations Engineer (M/F/D)

    Hays

    • Porto
    Descrição da Função Principais responsabilidades Garantir a segurança dos sistemas e dos dados da empresa e dos clientes, assegurando confidencialidade, integridade e disponibi…
    • Há 2 mêses

  • Network & Security Engineer (M/F/D)

    Hays

    • Porto
    Descrição da Função Principais responsabilidades Irás participar em diferentes projetos de implementação nas áreas de networking e cibersegurança, a nível nacional, garantindo a…
    • Há 2 mêses