ASAAS

Senior Cloud Security Engineer – DevSecOps

ASAAS

full-time

Posted on:

Location Type: Remote

Location: Brazil

Visit company website

Explore more

AI Apply
Apply

Job Level

Senior

Tech Stack

AWSCloudDockerFirewallsGoGrafanaKubernetesPrometheusPythonSDLCSplunkTerraform

About the role

  • Implement and manage security controls in AWS cloud environments, ensuring secure configuration of services and resources;
  • Manage identity and access (IAM), defining least-privilege access policies and implementing robust authentication controls;
  • Implement and maintain security solutions such as WAFs, firewalls, intrusion detection/prevention systems (IDS/IPS) and vulnerability management tools;
  • Perform continuous security monitoring, log analysis and incident response;
  • Promote a DevSecOps culture by integrating security throughout the SDLC and ensuring the adoption of secure coding practices;
  • Implement layered security measures to protect applications and data against threats;
  • Conduct security assessments, vulnerability analyses and penetration testing on cloud infrastructure;
  • Ensure compliance with security frameworks and regulations such as PCI-DSS, LGPD (Brazilian Data Protection Law), NIST, CIS Benchmarks and ISO 27001;
  • Automate security processes using Infrastructure as Code (IaC) and automation tools;
  • Document security policies, procedures and architectures;
  • Stay up to date with trends and innovations in Cloud Security, evaluating and proposing new tools and practices.

Requirements

  • Strong experience in application and infrastructure security in AWS cloud environments;
  • Deep knowledge of identity and access management (IAM), encryption and data protection;
  • Experience with CSPM (Cloud Security Posture Management) tools such as Wiz, Prisma Cloud or similar;
  • Familiarity with security and compliance frameworks (PCI-DSS, NIST, CIS Benchmarks, ISO 27001/27002);
  • Experience with observability and SIEM tools (Prometheus, Grafana, ELK Stack, CloudWatch, Splunk);
  • Proficiency in programming and scripting languages (Python, Bash, Go);
  • Experience with Infrastructure as Code (AWS CDK, Terraform);
  • Knowledge of containers (Docker) and orchestration (ECS, Kubernetes).
Benefits
  • Medical and dental insurance with no copay
  • Life insurance
  • Medication purchase assistance
  • Fitness allowance
  • Financial assistance
  • 4 free monthly sessions with a therapist or nutritionist
  • Flexible meal benefit
  • Free meals at headquarters
  • Childcare assistance
  • Parental support program
  • Extended maternity and paternity leave
  • In‑company training platform
  • Education assistance covering 70% of tuition for degree programs and language courses
  • Home office allowance
  • Work equipment
  • Furniture allowance
  • Partnerships with coworking spaces across Brazil
  • Birthday day off
  • Happy hour allowance
  • Referral bonus for new hires
  • Bonus tied to annual targets
  • Stock options plan
  • Relaxed work environment
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
application securityinfrastructure securityidentity and access managementencryptiondata protectionCloud Security Posture Managementprogramming languagesscripting languagesInfrastructure as Codepenetration testing
Soft Skills
incident responsecontinuous security monitoringlog analysissecure coding practicesdocumentation
Certifications
PCI-DSSNISTCIS BenchmarksISO 27001ISO 27002