Back to search
Extia Linkedin · Posted 12d ago

Application Security Engineer

Portugal

Linkedin
Continue to application Add your email once, then Caio opens the original posting.

Indexed description

You want to join a company that places people at the heart of its concerns? We are waiting for you at Extia!

As a consulting company specialized in IT and digital sectors, Extia has prioritized an approach that combines performance and well-being at work since its creation in 2007. This vision is shared today by more than 2,500 Extians across France and internationally, and has been recognized by the Great Place to Work® certification for 15 years!

We believe in equal opportunity and offer every candidate the chance to reveal their potential, without distinction of any kind. At Extia, it's "First who, then what" so, let's do it!

First who

  • Strong leadership skills with ability to manage initiatives independently.
  • Excellent communication skills and ability to explain technical topics to diverse audiences.
  • Strong teaching and mentoring abilities for developer enablement.
  • Analytical and structured problem-solving mindset.
  • Ability to influence and drive adoption of security practices across teams.
  • Strong documentation and technical writing skills.
  • Proactive, autonomous, and improvement-oriented mindset.

Then what

What You’ll Do

  • Contribute to the application security strategy and roadmap within the organization.
  • Mentor and support junior Application Security Engineers, promoting knowledge sharing and best practices.
  • Drive continuous improvement of the Secure Software Development Lifecycle (S-SDLC) framework.
  • Provide expert-level guidance to development teams on application security topics and secure development practices.
  • Lead vulnerability analysis, triage, remediation, and follow-up across applications and services.
  • Ensure effective integration of security tools (SAST, DAST, SCA, container scanning, IaC scanning, secrets detection) into CI/CD pipelines.
  • Lead security awareness initiatives, workshops, and developer training sessions.
  • Develop and maintain security documentation, standards, and best practice guidelines.
  • Define, monitor, and optimize security metrics (KPIs, KRIs, OKRs).
  • Conduct threat analysis and technological watch to identify emerging risks and security trends.
  • Propose and prototype innovative security solutions and improvements.
  • Support automation and continuous improvement of application security processes and tooling.

What We’re Looking For

  • Strong expertise in application security tools and practices, including SAST, DAST, SCA, container scanning, IaC scanning, and secrets detection.
  • Experience integrating security controls into CI/CD pipelines.
  • Strong programming skills in Python, C++, C#, or similar languages.
  • Solid understanding of OWASP Top 10 and common application vulnerabilities.
  • Experience in vulnerability analysis, remediation, and false-positive management.
  • Knowledge of cloud security across public, private, hybrid, and regulated environments.
  • Familiarity with development frameworks (e.g., Angular, Hadoop or similar).
  • Understanding of secure SDLC and DevSecOps practices.

Free. 20 seconds. No password. See every match in this search.

Create a free Caio profile to unlock more results and save your role and location preferences.

Unlock free search
Want help applying to roles like this? Search Caio for free. If CV tailoring and application tracking get heavy, Full Caio Agent adds a human specialist.
View Full Agent