CEA

Security Architecture and AppSec Coordinator

CEA

full-time

Posted on:

Location Type: Hybrid

Location: BarueriBrasil

Visit company website

Explore more

AI Apply
Apply

Tech Stack

CloudJavaJavaScript.NETNode.jsPythonSDLC

About the role

  • Coordinate the definition and evolution of corporate security architecture, including applications, APIs, cloud, on-premises and hybrid environments;
  • Define principles, standards, controls and security architecture guidelines aligned with frameworks such as NIST, ISO 27001, Zero Trust and CSA;
  • Perform and oversee solution architecture reviews, assessing risks, security controls and compliance with defined standards;
  • Collaborate with enterprise architecture and infrastructure/cloud teams to define secure and resilient architectures;
  • Support strategic decisions regarding technologies, platforms and new products from a security perspective;
  • Define and coordinate the application security (AppSec) strategy, integrated into the development lifecycle (SDLC / DevSecOps);
  • Oversee threat modeling, risk analysis and vulnerability assessment activities for applications and APIs;
  • Ensure adoption of Secure Coding and DevSecOps practices and tools (SAST, DAST, IAST, SCA, ASPM);
  • Provide technical support and guidance to development teams on vulnerability remediation and risk mitigation;
  • Define policies, standards and minimum security requirements for internal and third-party applications;

Requirements

  • Strong experience in Security Architecture and/or Application Security (AppSec);
  • Hands-on experience in software development (Java, .NET, Node.js, Python or similar) with a solid understanding of the SDLC;
  • Advanced knowledge of OWASP Top 10, CWE, NIST, ISO 27001, CIS and security best practices;
  • Experience in threat modeling, risk analysis and architecture review;
  • Practical knowledge of SAST, DAST, IAST, SCA and ASPM tools and processes;
  • Experience with cloud environments and modern architectures (microservices, APIs, containers);
  • Clear communication skills and the ability to act as a technical leader and strategic advisor.
  • ** Differentials
  • Technical certifications in cybersecurity and architecture;
  • Previous experience coordinating or providing technical leadership for security teams;
  • Experience in regulated or large-scale environments.
Benefits
  • Medical and dental coverage (employee and dependents)
  • Dr. C&A - Telemedicine and teletherapy services
  • Annual bonus
  • Parking or transportation voucher (Work location: Alphaville – Barueri/SP)
  • Birthday off: one paid day off during your birthday month
  • Flexible working hours
  • On-site cafeteria
  • Flexible meal benefit (meal allowance and/or food voucher)
  • Gympass
  • Semiannual vacation
  • Employee discount at C&A stores and online
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
Security ArchitectureApplication SecurityJava.NETNode.jsPythonSDLCThreat ModelingRisk AnalysisVulnerability AssessmentSecure Coding
Soft Skills
Clear CommunicationTechnical LeadershipStrategic Advisor
Certifications
Cybersecurity CertificationsArchitecture Certifications