Decskill was born in 2014 as an IT Talent company, with the main mission of providing value through knowledge.
We enable companies to face the challenges of the digital world by providing our clients with business models that ensure Technological Capacity, Flexibility and Agility.
In numbers, we are a team of +600 people with offices in Lisbon, Porto and Madrid.

DECSKILL operates in 3 main areas:
- DECSKILL TALENT, where we provide our customer with an extension of the IT teams in the technological aspects
- DECSKILL BOOST, a specialised development to increase capacity and optimise Time-to-Market, where we create and manage teams that deliver according to your needs, at the desired speed
- DECSKILL CONNECT, where we provide our clients with consulting services, implementation and management of IT infrastructures

Our practice results in the creation of value for our clients, whether through the delivery of skilled and value-added services, skilled and motivated professionals, or through technology solutions that enable us to operate and transform our clients' businesses.
We are looking for an Application Security Expert for a banking project!
This role focuses primarily on ensuring secure development practices within DevSecOps pipelines, specifically around SAST (Static Application Security Testing) and SCA (Software Composition Analysis), in alignment with the bank's security policies and best practices.
You will play a critical role in guiding developers, ensuring compliance with security protocols, and leading a small team to assess, challenge, and improve DevSecOps activities.
The role also includes contributing to the evolution of the bank's security frameworks and automation of security controls.
What will be your responsibilities?
- To check how developers work with Fortify and Nexus IQ: alignment with the development lifecycle, coverage of the scans
- To check if findings are properly treated: vulnerabilities well remediated, no incorrect false-positive classification
- To challenge the developers, support the remediation and acculturate them with Fortify, Nexus IQ and secure coding best practices
- To guarantee the delivery of the analysis mentioned above by the 2 other members of the team
- To develop tooling to automate as much as possible the DevSecOps effectiveness controls
- To write guidelines and procedures to standardize and support developers' activities with SAST and SCA

Technical Skills Required
- Application Security – Expert
- Secure Coding Practices – Expert
- SAST (e.g., Fortify) – Expert
- SCA (e.g., Nexus IQ) – Mastery
- Python Scripting – Practice
- Team Management – Practice

Location: Lisbon

Do you want to know more?
Send your CV in English to with reference "AC/Windows Support)"

**Decskill is committed to equality and non-discrimination with all its talents