Match score not available

Unlock Premium Benefits Today!
🚀 Elevate your career with priority access.
Stand out to top recruiters with Jobgether Priority Access:
  • ✅ Top Match: We help you identify job offers where you're a perfect fit.
  • ✅ Exclusive Referral Service: Connect directly with recruiters as a Jobgether Certified Premium User.
  • ✅ Personalized Feedback: Receive expert guidance on applications and have your profile manually reviewed.

Start Your Free Trial Now!

Start my free trial

Application Security Manager

75% Flex
EXTRA HOLIDAYS
Remote: 
Full Remote
Contract: 
Full time
Experience: 
Mid-level (2-5 years)
Work from: 
Mexico

Offer summary

Qualifications:

+2 years of penetration testing experience, including cloud environments, Understanding of agile methodologies, DevOps, and DevSecOps.

Key responsabilities:

  • Conduct penetration testing on network assets and applications
  • Perform target infrastructure exploitation analysis
  • Create exploitation strategies and validate security measures
  • Develop test plans, recommend based on results, and ensure compliance with requirements
Kueski logo
Kueski Fintech: Finance + Technology SME https://kueski.com/
501 - 1000 Employees
About Kueski
Kueski is the largest online consumer lender in Mexico, that provides financial services for users who are ineligible for traditional bank loans. Thanks to its technology and data analysis criteria, the company has positioned itself as a market leader. In 2016, Adalberto Flores, CEO and Co-founder of Kueski, was recognized as Mexican Entrepreneur of the Year by Endeavor. Tuesday Capital, Victory Park Capital, Sobrato Family, Angel Ventures Mexico, Rise Capital, Core Ventures Group, Ariel Poler, Pedro Aspe, Bismarck Lepe, Variv Capital, David Begler, Endeavor Catalyst, and Auria Capital are among the companies betting on this project. Check out the Jobs section to see all the open positions that we have, and enjoy the most creative, smart, disruptive and fun team that you could imagine.
See more Kueski offers

Job description

Logo Jobgether

Your missions

About Kueski
Founded in 2012 with the mission to improve the financial lives of people in Mexico, Kueski has grown to be one of the largest buy now, pay later (BNPL) and online consumer lending companies in Latin America. Kueski provides financial services to consumers and connects the Mexican economy through its innovative product ecosystem. This ecosystem consists of Kueski Pay, the company's BNPL product available online and in-store, and Kueski Personal Loans, a direct to consumer loan product.
The company is frequently recognized for its strong, diverse and inclusive company culture. In 2022, Kueski has been named one of the most ethical companies in Mexico by AMITAI, and one of the best companies for both young professionals and female talent in Mexico by EFY. The company has also been named to CB Insights’ Fintech 250 list.

Purpose

The Application Security Lead is responsible for recommending, working with the Engineering team, and ensuring the appropriate security is implemented in products developed. These evaluations through technical reviews, using attacks, application pen-testing activities, among others, to ensure all developed products and applications, comply with the guidelines and definitions. The application security lead is also responsible for working with the different teams to implement and maintain the SSDLC, and working with the different stakeholders to document and ensure the implementation of these controls is appropriate and complies with the defined elements.
Key Responsabilities
    • Conduct and/or support authorized penetration testing on enterprise network assets
    • Perform penetration testing as required for new or updated applications
    • Apply and utilize authorized cyber capabilities to enable access to targeted networks and applications
    • Perform analysis for target infrastructure exploitation activities
    • Conduct independent in-depth target and technical analysis including target-specific information (e.g., cultural, organizational, political) that results in access
    • Create comprehensive exploitation strategies that identify exploitable technical or operational vulnerabilities
    • Examine intercept-related metadata and content with an understanding of targeting significance
    • Collaborate with developers, conveying target and technical knowledge in tool requirements submissions, to enhance tool development
    • Lead or enable exploitation operations in support of organization objectives and target requirements
    • Develop test plans to address specifications and requirements
    • Make recommendations based on test results
    • Create auditable evidence of security measures
    • Validate specifications and requirements for testability
    • Perform developmental testing on systems under development
    • Perform interoperability testing on systems exchanging data with other systems
    • Perform operational testing
    • Test, evaluate, and verify software to determine compliance with defined specifications and requirements
Position Requierements
    • +2 years of penetration testing experience, both at a network and application levels
    • +1 year experience in penetration testing in cloud environments
    • Experience in working with engineering teams to close the identified issues and perform retesting of the findings
    • Clear understanding of agile methodologies, DevOps, and DevSecOps
    • Experience using SAST, DAST, and other automated testing tools
    • PenTesting Certification or similar is nice to have. (CEH, PenTest+, CPT, CEPT, CRTOP, GPEN, OSCP, etc)Knowledge of application vulnerabilities
    • Knowledge of collection management processes, capabilities, and limitations
    • Knowledge of front-end collection systems, including traffic collection, filtering, and selection
    • Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks)
    • Knowledge of attack methods and techniques (DDoS, brute force, spoofing, etc.).Knowledge of evasion strategies and techniques
    • Knowledge of identification and reporting processes
    • Advanced English level
You’ll love working at Kueski because
    • We have a mission-driven culture focused on customer value, teamwork, humility, and integrity.
    • Everyone is expected to have role clarity, career growth, and a personal development plan. Feedback and recognition is embedded in our company processes, systems, and practices.
    • We ensure competitive salary, medical insurance, and wellbeing through ample and flexible time off as well as mental healthcare benefits. Everyone is an owner and eligible for competitive stock options with a company poised for success.
    • We´re committed to building an inclusive and diverse team and we know this leads to incredible work.
Kueski: Where talent excellence improves Mexican lives

#LifeAtKueski #KueskiTalent

Required profile

Experience

Level of experience: Mid-level (2-5 years)
Industry :
Fintech: Finance + Technology
Spoken language(s):
English
Check out the description to know which languages are mandatory.

Hard Skills

DevSecOpsDynamic Application Security Testing (DAST)Penetration TestingStatic Application Security Testing (SAST)Cloud ComputingAgileDevOpsAutomated Testing

Soft Skills

  • Teamwork
  • Interpersonal Skills
  • Problem Solving
  • Attention to Detail
  • Adaptability
Are you interested?

Go Premium: Access the World's Largest Selection of Remote Jobs!

  • Largest Inventory: Dive into the world's largest remote job inventory. More than half of these opportunities can't be found on standard platforms.
  • Personalized Matches: Our AI-driven algorithms ensure you find job listings perfectly matched to your skills and preferences.
  • Application fast-lane: Discover positions where you rank in the TOP 5% of applicants, and get personally introduced to recruiters with Jobgether.
  • Try out our Premium Benefits with a 7-Day FREE TRIAL.
    No obligations. Cancel anytime.
Upgrade to Premium

Find other similar jobs

SEE MORE JOBS
Sign in or sign up with Google or LinkedIn