Application Security Engineer
Confirmed live in the last 24 hours
Monks
Job Description
Please note that we will never request payment or bank account information at any stage of the recruitment process. As we continue to grow our teams, we urge you to be cautious of fraudulent job postings or recruitment activities that misuse our company name and information. Please protect your personal information during any recruitment process. While Monks may contact potential candidates via LinkedIn, all applications must be submitted through our official website (monks.com/careers).
Application Security Engineer
Location: Brazil
.Monks Technology Services, part of Media.Monks and S4 Capital, is a global consulting firm mastering AI-powered transformations for the Fortune 100. We combine long-term strategic thinking, deep enterprise experience, and a human-centered approach to help clients transform business processes and dominate their industries.
About the Role
As an Application Security Engineer, you’ll help secure high-stakes, proprietary application platforms by leading end-to-end penetration testing, performing deep secure code reviews, and driving DevSecOps tooling integrations that improve visibility, reduce risk, and accelerate remediation across global engineering teams.
Responsibilities
- Lead end-to-end application penetration testing efforts, combining manual techniques with automated testing to uncover complex vulnerabilities
- Partner with engineering teams to propose, plan, and execute tactical security objectives that harden the application layer
- Manage, monitor, and optimize application security tooling, including SAST, DAST, IAST, and ASPM solutions
- Integrate security testing and controls into CI/CD pipelines to enable scalable, repeatable DevSecOps practices
- Perform secure code reviews across polyglot environments (e.g., C++, C#, Java, JavaScript) and provide actionable remediation guidance
- Develop and maintain security metrics and reporting that clearly communicate risk exposure and remediation progress to technical and executive stakeholders
- Create and maintain application security procedures, standards, and playbooks to support consistent execution across distributed teams
- Other duties as assigned
About You
Qualifications & Skills
- 7+ years of relevant work experience in Application Security, including 5+ years focused on penetration testing
- Strong knowledge of common vulnerability classes and risk frameworks (e.g., OWASP Top 10, SANS Top 25) with the ability to translate technical findings into business impact
- Hands-on experience with SAST/DAST/IAST tools and integrating them into modern CI/CD workflows
- Experience working with ASPM solutions to centralize, prioritize, and operationalize application security findings
- Deep understanding of REST-based architectures and modern application implementation patterns
- Ability to operate autonomously with minimal supervision in fast-paced, high-stakes environments
- Strong analytical and problem-solving skills, with a collaborative approach to working across globally distributed teams
- Nice to have: OSCP/OSWE (or equivalent), experience in financial services or low-latency platforms, and scripting ability in Python/Go to automate testing and tool integrations
.Monks Technology Services does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation,
#LI-PC1
#LI-Remote
About Monks
Monks is the global, digital-first, data-driven, unitary operatin
Similar Jobs
Accenture
Application Automation Engineer
Workday
Sr Information Systems Software Application Engineer
Johnson Controls
Sr. Application Engineer II - Design - Security System
CACI International
AWS Cloud Application Engineer
Fiserv