CYBER SECURITY SPECIALIST/OPERATOR (ON-SITE)

Descrição do trabalho

CYBER SECURITY SPECIALIST/OPERATOR (ON-SITE PORTO)

Portuguese company hires for on-site position

???? Location: Porto, Portugal

⚠️ Only candidates already based in Portugal will be considered

???? Work Model: On-Site

????️ Language Requirements: Fluent English

???? Seniority: Senior (6+ years of experience)

???? Sector: Banking

⚠️ Instructions: Please send your CV in English and make sure to include all skills and experience that match the requirements of the opportunity. This will significantly increase your chances of success

_________________________________________________________________
Role Overview

We are looking for a Senior Application Security Specialist to join a Cybersecurity team within a global financial environment.This role plays a critical part in protecting enterprise applications against cyber threats, ensuring that application security controls remain effective over time and that development teams adopt secure coding and DevSecOps best practices.

You will act as a technical authority in application security, working closely with developers to identify, validate, and remediate vulnerabilities, while continuously improving security automation and tooling.
Key Responsibilities

· Ensure application vulnerabilities are correctly identified, understood, and remediated, avoiding false positives and misclassifications

· Analyze how development teams use Fortify and Nexus IQ, ensuring proper integration within the software development lifecycle (SDLC)

· Challenge, guide, and support developers on vulnerability remediation and secure coding practices

· Promote and reinforce secure coding standards and application security awareness

· Develop automation scripts and tooling to improve DevSecOps security controls and effectiveness

· Contribute to strengthening application security governance and controls across the organization
Mandatory Technical Skills

· Application Security – Mastery

· Secure Coding Practices – Expert

· SAST (Static Application Security Testing) – Expert

· SCA (Software Composition Analysis) – Mastery

· Fortify – Expert usage within SDLC

· Nexus IQ – Dependency and vulnerability management

· Automation & Scripting (Python preferred) – Expert

· DevSecOps principles and tooling
Languages

· English – Mastery (mandatory)

· French – Nice to have (basic knowledge / notions)
Soft Skills

· Strong analytical and critical thinking skills with high attention to detail

· Ability to collaborate with distributed teams across multiple geographies

· Confident decision-making capability

· High level of autonomy and accountability

· Strong organizational and prioritization skills
Keywords – Must Be Clearly Listed in the CV

Application Security, Secure Coding, SAST, SCA, Fortify, Nexus IQ, DevSecOps, Vulnerability Management, Python Scripting, Security Automation, SDLC Security, Cybersecurity, Application Security Controls, Porto, English Fluent, Financial Sector

#CI - PROC25348