Logo for Luza Tecnologia

Application Security SME

Luza Tecnologia

Job description

This is a remote position.

We are looking for a skilled Application Security Tooling/Platform Lead, who will be responsible for ensuring the security of the project's custom development landscape through expert management of application security tooling and processes. This role drives operational excellence across Snyk, Invicti, Intigriti, and Sonatype platforms, supports key platform migrations, and provides specialist expertise for secure development reviews, threat modeling, and cross-functional alignment with the Center of Excellence (CoE).

Key Responsibilities:
  • Security Tooling Ownership & Governance
    • Act as product owner for AppSec tooling (Snyk, Invicti, Intigriti, Sonatype)
    • Ensure quality, compliance, lifecycle management, updates, and roadmap follow-up
    • Monitor tool health, SLAs, and dashboards; ensure ongoing maintenance with the CoE
    • Align with development teams, CoE, and platform stakeholders on complex topics
  • Project Ownership
    • Lead the Invicti migration to the new platform supporting LLM/GenAI/AI-injection scanning
    • Lead the Sonatype migration to SaaS with minimal disruption
    • Coordinate with internal teams, external partners, and vendors to deliver new capabilities
  • Development Security Reviews
    • Perform or support Design Security (DS) and Code Review Reports (CRR)
    • Provide guidance on security questions from developers, project managers, and architects
  • Threat Modeling
    • Lead, perform, or review threat models for custom development projects
    • Help teams identify security risks early using defined methodologies
  • Cross-Team Collaboration & Continuous Improvement
    • Collaborate weekly with the CoE on AppSec topics and standards
    • Contribute to process improvements, automation, and team enablement/training


Requirements

  • Strong hands-on experience with AppSec tools: Snyk, Invicti, Sonatype, Bug Bounty (Intigriti), or comparable platforms
  • Experience in secure SDLC, secure coding practices, and application security assessments
  • Knowledge and practical experience with threat modeling methodologies (e.g., STRIDE, attack trees)
  • Ability to collaborate across engineering, development, CoE teams, and external partners
  • Nice to have: exposure to GenAI/LLM security concerns (e.g., AI-prompt injection scanning)
  • Strong analytical, communication, and documentation skills


Benefits

  • Remote work
  • Food ticket
  • Health insurance
  • Training and access to certification vouchers
  • Work-life balance initiatives
  • Referral program
  • Birthday off
  • Give back day – enjoy a day to give back to society!
Ready to apply?
APPLY
·

Related jobs

Worldwide

Other jobs at Luza Tecnologia

We help you get seen. Not ignored.

We help you get seen faster — by the right people.

🚀

Auto-Apply

We apply for you — automatically and instantly.

Save time, skip forms, and stay on top of every opportunity. Because you can't get seen if you're not in the race.

AI Match Feedback

Know your real match before you apply.

Get a detailed AI assessment of your profile against each job posting. Because getting seen starts with passing the filters.

Upgrade to Premium. Apply smarter and get noticed.

Upgrade to Premium

Join thousands of professionals who got noticed and hired faster.