Application Security Engineer

Ce que nous faisons

Chez Kenvue, nous réalisons le pouvoir extraordinaire des soins quotidiens. S'appuyant sur plus d'un siècle d'héritage et enraciné dans la science, nous sommes la maison de marques emblématiques - dont NEUTROGENA®, AVEENO®, TYLENOL®, LISTERINE®, JOHNSON'S® et BAND-AID® que vous connaissez et aimez déjà. La science est notre passion ; Le soin est notre talent.

Qui nous sommes

Notre équipe mondiale est composée de ~ 22 000 personnes brillantes avec une culture d'entreprise où chaque voix compte et chaque contribution est appréciée. Nous sommes passionnés par les idées, l'innovation et l'engagement à fournir les meilleurs produits à nos clients. Avec de l'expertise et de l'empathie, être un Kenvuer signifie avoir le pouvoir d'avoir un impact sur des millions de personnes chaque jour. Nous donnons la priorité aux personnes, nous nous soucions farouchement, nous gagnons la confiance grâce à la science et nous résolvons les problèmes avec courage - et nous vous offrons de brillantes opportunités ! Joignez-vous à nous pour façonner notre avenir et le vôtre. Pour plus d'informations, cliquez sur ici.

Role relève à :

Product Owner Secure the Developer

Lieu :

Latin America, Brazil, Sao Paulo, Sao Paulo

Lieu de travail :

Hybride

Ce que tu vas faire

Kenvue is currently recruiting for:

Application Security Engineer

This role can be based in Sao Paulo, or Sao Jose, Brazil, part of a global team, and reports to the Director, Application & Cloud Security & xDLC.

Who We Are

At Kenvue, we realize the extraordinary power of everyday care. Built on over a century of heritage and rooted in science, we’re the house of iconic brands - including NEUTROGENA®, AVEENO®, TYLENOL®, LISTERINE®, JOHNSON’S® and BAND-AID® that you already know and love. Science is our passion; care is our talent. Our global team is made up of 22,000 diverse and brilliant people, passionate about insights, innovation and committed to deliver the best products to our customers. With expertise and empathy, being a Kenvuer means to have the power to impact life of millions of people every day. We put people first, care fiercely, earn trust with science and solve with courage – and have brilliant opportunities waiting for you! Join us in shaping our future–and yours.

What You Will Do

As an Application Security Engineer, you will be safeguarding digital assets and data through advanced cybersecurity solutions and processes. We are seeking a highly motivated and talented Application Security Senior Engineer to join our dynamic team. If you have a passion for identifying and mitigating security risks in applications, working with developers, we invite you to apply and be a part of our dedicated cybersecurity workforce.

Key Responsibilities

• Conduct comprehensive architecture security reviews of applications to identify vulnerabilities and weaknesses.
• Secure cloud-native services, including container orchestration platforms like Kubernetes.
• Maintain and operate various security tools SAST, DAST, CWPP, CSPM, SSPM, CASB...
• Perform penetration testing, code reviews, and vulnerability scanning to ensure the security of web and mobile applications.
• Collaborate with development teams to provide guidance on secure coding practices and assist in the remediation of identified security issues, or misconfigurations.
• Develop and maintain security standards, policies, procedures, work instructions and requirements related to application security.
• Stay current with the latest security trends, threats, and vulnerabilities affecting application security.
• Participate in incident response and security incident investigations related to application security.
• Work closely with cross-functional teams to integrate security into the technology development lifecycle.
• Automate vulnerability scanning, and compliance checks into development workflows.
• Proficiency in cloud eco-systems such as AWS, GCP or Azure.
• Knowledge of DNS and IP management
• Develop, maintain and run security automation scripts using languages such as python or other software and scripting languages.
• Knowledge of source code systems such as Bitbucket or GitHub.

What We Are Looking For

Required Qualifications

• Bachelor’s degree in computer science, Information Security, or related field or 5+ years of cyber security experience.
• Advanced English Level (C1 minimum)
• Strong background in Software Development
• Strong knowledge of software development tools such as IDEs, security, and code quality tools.
• Working experience with application security assessments, vulnerability testing, and secure code reviews.
• Knowledge of web application security vulnerabilities and common attack vectors (e.g., OWASP Top 10).
• Experience with security assessment tools such as Burp Suite, Nessus, OWASP ZAP, Snyk, etc.
• Understanding of encryption technologies, authentication mechanisms, and secure coding practices.
• 5+ years’ experience in software development/engineering with programming/scripting skills in languages like Java, Python, Ruby, or similar languages.
• Experience with roles, processes, and tools to enable a high-performing DevOps practice in an Agile environment.
• Strong knowledge of Kubernetes and containerization (Docker).
• Relevant security certifications such as CISSP, CEH, CompTIA Security+, Azure Security Engineer, and AWS certified – Security Specialty, and Cloud are a plus.
• Excellent problem-solving and analytical skills, along with effective communication and teamwork abilities.
• Experience leading a small team and facilitating stand-up meetings.
• Strategic thinking to align security goals with business objectives.
• Experience with Atlassian tools such as Jira, Confluence, and Bitbucket.
• Knowledge of either Azure or AWS cloud platforms and associated security standards and best practices.

Desired Qualifications

• Mobile application development

What’s In It For You

• Competitive Benefit Package
• Paid Company Holidays, Paid Vacation, Volunteer Time & More!
• Learning & Development Opportunities
• Employee Resource Groups 
• This list could vary based on location/region

Kenvue is proud to be an Equal Opportunity Employer.  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

*please submit your resume in English.

Si vous êtes une personne handicapée, veuillez consulter notre Page d'aide aux personnes handicapées pour obtenir des informations sur la façon de demander un aménagement.