As a Product and Software Security Analyst, you will play a crucial role in our cybersecurity efforts, focusing on offensive security, fraud analysis, secure application development, and threat modeling. You will collaborate closely with cross-functional teams to ensure the security and integrity of our digital assets and infrastructure.
WHAT YOU’LL DO:
- Participate in projects focused on offensive security, including penetration testing (Pentest) and Red Team exercises under the guidance of senior team members;
- Assist in conducting fraud analysis to identify and mitigate potential risks and vulnerabilities;
- Provide support in building secure applications, leveraging your knowledge of web application security and the Software Development Life Cycle (SDLC).
- Assist in threat modeling using industry-standard methodologies such as ASVS and Irius Risk.
- Support the evaluation of Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) tools and contribute to vulnerability assessments.
- Assist in the execution of penetration tests on web applications, mobile applications, and APIs, and contribute to the delivery of vulnerability reports and recommendations for remediation to the development team.
- Contribute to projects involving Red Team exercises and Mitre Telecommunication&ck framework.
- work With Data Protection and Compliance Leadership, work with business lines on specific projects related to Privacy Operations, Data Protection Operations, and leveraging governance tools to track data and assets.
- Perform various privacy assessments using OneTrust.
SDLC API data-protection web-application-security penetration-testing