Security Analyst,
Remote Brazil


Remote Brazil

Office Address

Project Description

One of the world's largest providers of products and services to the energy industry has a need to develop and support cloud-based enterprise information system in Oil & Gas domain.
Our project is stable, long-term and constantly adopts new technologies.

DevOps practice is tasked with the development, provisioning, operations, and performance of a global, multi-region, multi-cloud software as a service, and developer integration platform.

Work supposes close cooperation with Customer team located in Houston and following Agile principles.
Our team is senior, supportive and friendly.

In this role candidates will operate independently and as part of a team to ensure that all software, hardware, and related components are protected from cyber attacks. Duties will include developing security systems, analysing current systems for vulnerabilities, and handling any and all cyber attacks in an efficient and effective manner. Candidates should have strong IT skills and a deep understanding of cyber attacks methodology, including but not limited to Fortify SCA scans, WebInspect scans, RAF developing, and overall security policies development and deployment.


    Validate the fixes performed by developers in
    Fortify for vulnerabilities
    Follow up with Developer on open vulnerabilities
    Share reports of open, closed vulnerabilities
    Develop unique, effective security strategies for software systems, networks, and cloud provider
    Safeguards information system assets by
    identifying and solving potential and actual security problems
    Protects system by defining access privileges,
    control structures, and resources
    Recognizes problems by identifying abnormalities;
    reporting violations
    Implements security improvements by assessing current situation; evaluating trends; anticipating requirements
    Determines security violations and inefficiencies
    by conducting periodic audits
    Upgrades system by implementing and maintaining
    security controls
    Maintains quality service by following
    organization standards
    Contributes to team effort by accomplishing
    related results as needed


Must have

    1. Thorough knowledge of Fortify and SAST scans hands-on experience
    2. Thorough knowledge of WebInspect and DAST scans hands-on experience
    3. Software Composition Analysis (SCA): X-Ray scans hands-on experience
    4. Application development skills (programming languages: Python, Java, C#, Angular)
    5. Solid application risks assessment practical experience
    6. Application risk management experience (Understanding of the Risk Acknowledgement Form (RAF) approach)
    7. AWS cloud services administration
    8. Internal documentation creation experience
    9. On-call security incidence troubleshooting
    10. Process improvement
    11. Problem solving
    12. Excellent communication skills

Nice to have

    1. AWS cloud services practical experience and certification
    2. Fortify SCA certification (Cybersecurity Maturity Model Certification (CMMC))
    3. CISSP, CISM, OSCP, CEH certifications
    4. Kubernetes deployment and maintenance hands-on experience
    5. Automation: Terraform
    6. Good knowledge of Microsoft Active Directory services
    7. Firewall and security group administration practical experience
    8. Good understanding of AICPA SOC2 controls and processes
    9. Thorough knowledge of network security and protocols
    10. Knowledge of cryptography protocols and hands-on experience in SSL certificates generation
    11. Penetration testing hands-on experience in Azure and AWS cloud environments and Kubernetes clusters.
    12. Web and desktop applications penetration testing hands-on experience.


English: B2 Upper Intermediate



Relocation package

If needed, we can help you with relocation process. Click here for more information.

Vacancy Specialization

Application Security

Ref Number


Explore More

LoGeek Magazine
icon Logeek Luxoft
Learn more
icon Events Luxoft
Learn more
Relocation Program
icon Relocation Luxoft
Learn more
icon Referral Luxoft
Learn more
and Grads
icon Students Luxoft
Learn more

More job opportunities in
Application Security

Specialization Position / Title Location Seniority Relocation Friendly Send to a friend
Application Security WAF / Security Infra Engineer Remote Brazil, BR Regular