Clicksign. O click que muda a sua vida.
Product Security Analyst
Location
Brazil
Posted
2 days ago
Salary
0
Seniority
Senior
Job Description
Product Security Analyst
Clicksign
• Assess technical vulnerabilities and propose solutions to improve the security of our platform, working across our stack (Ruby, Go, and PHP) and developing security fixes in AWS/Lambda. • Quickly evaluate requests in the development queue to reduce the AppSec bottleneck and unblock Engineering deliveries. • Actively propose and implement fixes in code, going beyond merely reporting findings. • Conduct threat modeling and apply secure-by-design principles to product initiatives. • Create guardrails, tooling, and automations that make the secure path the default for Engineering teams. • Integrate and tune security tools in the CI/CD pipeline (SAST, SCA, and secret scanning), maintaining low noise and few false positives.
Job Requirements
- Experience in software or security engineering delivering production code (ideally Ruby and PHP), including automations in AWS/Lambda.
- Background in Application Security/Product Security: threat modeling, secure-by-design, and building guardrails and tooling.
- Strong knowledge of CI/CD pipeline security, with calibrated SAST, SCA, and secret scanning.
- Knowledge of AWS cloud security as applied to product environments.
- Security-related certifications are a plus.
- Strong ability to collaborate with Engineering teams, proposing and implementing fixes directly in code rather than only communicating findings.
- Ability to communicate in English (written and spoken).
Benefits
- 100% remote work.
- Culture of trust, focused on results, with plenty of challenge and learning opportunities.
- Autonomy and ownership in a collaborative and empathetic environment.
- Feedback culture and regular 1:1s with supportive leadership and no micromanagement.
- Comprehensive benefits such as meal/food allowance, childcare support, home office allowance, health, education and culture benefits, Gympass, birthday day-off, discounts on therapy and English courses, and other partner perks.
Related Guides
Related Categories
Related Job Pages
More Security Analyst Jobs
• Support administration, monitoring, and tuning of email security platforms • Assist with phishing, BEC, spoofing, malware, impersonation, credential harvesting, and suspicious-message investigations • Analyze email headers, message traces, authentication results, URLs, attachments, sender reputation, and related telemetry to support detection and response • Review quarantined messages, investigate false positives and false negatives, and support allow/block and policy-tuning decisions • Assist with Microsoft 365 email security administration • Support ICES platform configuration and reporting • Use scripting languages to automate repetitive email security tasks • Maintain accurate Jira, Asana, Confluence records • Create and update SOPs, runbooks, and operational procedures
Application Security Analyst
Sound PhysiciansWe deliver uncompromising care and lasting partnerships across acute and post-acute settings.
• Integrate security controls and automated checks into CI/CD pipelines, including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), secret scanning, container security scanning, and Infrastructure-as-Code (IaC) validation • Partner with developers and platform engineers to identify, prioritize, and remediate application, API, container, and cloud security risks early in the development lifecycle • Perform application security assessments, architecture reviews, and threat modeling exercises for new and existing applications • Conduct secure code reviews and provide guidance on secure coding practices aligned with OWASP Top 10, CWE, and industry standards • Support vulnerability management by validating findings, reducing false positives, tracking remediation, and helping define risk-based service-level expectations • Create and maintain documentation, standards, playbooks, and training materials related to application security, secure development, and DevSecOps practices
Security Analyst
NCC GroupA global team at the heart of cyber innovation, together we create a more secure digital future
Role Description As a Bug Bounty Analyst, you will act as the first line of validation for vulnerability submissions. You will work directly with the Bug Bounty researcher community to accurately reproduce and validate submissions and provide clients with technical writeups for any actionable findings. When triaging vulnerability submissions, analysts must assess the reproducibility, the real-world security impact, and that the reported issue is in scope so that submissions can be successfully filtered prior to escalating to the client. Bug Bounty Analysts serve as a trusted intermediary between the researcher community and the client and therefore must have strong technical capabilities balanced with the ability to deliver clear, professional communication. Key Responsibilities - Reproduce reported vulnerabilities in a controlled manner to confirm their validity. - Ensure that all validated reports meet quality standards for clarity, accuracy, and reproducibility before escalation to the client. - Communicate professionally and constructively with the security researcher community, requesting information and providing clarification where needed. - Communicate clearly and professionally with Enterprise clients ensuring that technical details are understood. - Identify and appropriately handle out-of-scope reports, duplicates, and low-quality AI submissions. - Manage client queues to meet agreed response and validation timeframes. - Author and deliver NCC-quality vulnerability reports to the specifications of individual clients. - Drive or contribute to projects that improve BBS’ tooling, operational processes, and delivery quality. Qualifications - Excellent written and verbal communication skills. - Proven experience in web application, network, and mobile application security testing. - Strong knowledge in OWASP Top 10. - Recent professional experience that required regular use of a programming scripting language (E.g., Python, JavaScript). - Vulnerability Disclosure and Bug Bounty experience. - Vulnerability Management experience is a plus. - Software QA experience is a plus. - Experience with SAST and DAST testing tools is a plus. Benefits - Flexible Working: Balance your work and personal life with our flexible working options. - Generous Holiday Allowance: Enjoy 25 days of holiday, plus bank holidays, with the option to buy up to 5 additional days of annual leave. - Medicash & Critical Illness Scheme. - Financial & Investment Benefits: Enjoy peace of mind with our Pension, Life Assurance, and Share Save Scheme. - Community & Volunteering Programmes: Make a difference in your community with our volunteering opportunities. - Green Car Scheme: Drive green and save money with our eco-friendly car scheme. - Cycle Scheme: Stay fit and healthy with our cycle-to-work scheme. - Special Time Off: Take time off for those big moments in life, like getting married/entering into a civil partnership, becoming a grandparent, and welcoming home a new pet. - Family Planning: Benefit from our generous maternity and paternity leave, as well as time off and support for those undergoing fertility treatments.
Role Description Under supervision, the Digital Forensics Intelligence Analyst analyzes evidence, crime reports, and databases to assist agents, law enforcement officers, and prosecutors in the investigation and successful prosecution of crime. - Identify criminal activity trends and linkages. - Assess cases to determine what type of data should be collected and the method of collection required as directed. - Operate case management system. - Provide analysis on data from computers, cell phones, and all other communications. - Retrieve and manage crime database information and ensure it is maintained on case intake and dispositions. - Review cases to provide the best method of visually portraying events, i.e., link diagrams, events, and association charts. - Utilize specialized computer software to analyze and organize information. - Perform other duties as assigned. Qualifications - High school diploma or GED. - A minimum of 3 years of experience in a related field/setting. Requirements - Computer proficiency. - Attention to detail. - Time management and prioritizing skills. - Ability to use good judgment and strong interpersonal skills. - Self-motivated with the ability to work with minimal supervision. - Exceptional oral and written communications skills. - Must be able to pass and maintain a background check and polygraph administered by the State Department of Corrections. Preferred Qualifications - A bachelor’s degree in digital forensics or related field. - Proficient in Excel. Physical Requirements While performing the duties of this job, the employee is regularly required to: stand, sit, talk, hear, and use hands and fingers to operate a computer, telephone, and a variety of office equipment. Occasionally may need to reach, stoop, or kneel. Benefits - Salary range: $20.90 - $23.82/hr based on experience and qualifications. - Health Insurance. - 401(k). - Disability. - Life Insurance. - Paid Time Off. - Voluntary Benefits.



