Select which cookies you accept
When you visit this website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the website work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience.
Because we respect your right to privacy, you can choose not to allow some types of cookies. Below is a list of different categories of cookies that may be set and that you can freely change. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.
These cookies are required and must be accepted to use this site.
These cookies collect data about how visitors use this website.
These cookies allow the website to remember choices you make and provide enhanced, more personal features.
These cookies are used to deliver adverts more relevant to you and your interests.
You'll be responsible to make all our eco-system more secure by protecting system boundaries, keeping computer systems and network devices hardened against attacks and securing highly sensitive data.
We usually respond within
Application Security Engineer (f/m/d)
Stratio is the World’s Leading Real-time Predictive Fleet Maintenance Platform. The company's proprietary technology combines large-scale processing with the latest machine learning techniques to prevent hundreds of thousands of breakdowns from happening every day, thus saving millions of people from the hassle of public transportation delays, postponed deliveries, or late arrival of essential goods. Stratio’s platform enables zero downtime for 5 of the 10 largest transportation companies in the world and, in 2021, raised an investment of $12 million to boost leadership in predictive fleet maintenance. Fleet operators in Europe, North America, Asia-pacific, and Latin America trust Stratio’s technology to fully leverage the data under the hood to safeguard operations, and keep customers happy. Stratio’s technology has enabled transportation for 1.3 billion people so far.
Your contribute to a #zerodowntimefuture
As part of the Security team you will be responsible to make all our eco-system more secure by protecting system boundaries, keeping computer systems and network devices hardened against attacks and securing highly sensitive data. As an AppSec Engineer your task will mainly be:
As Application Security Engineer you will
Performing security source code analysis;
Investigate security vulnerabilities;
Analysis of application architecture and technologies;
Research and POC’s based on vectors of attack;
Work closely with our DevOps team to implement Security gates in our CI/CD pipelines;
Provide mitigation advice for security vulnerabilities;
Assistance on Application Security Programs and Processes implementation;
Be an evangelist to our Development teams, to help them raise security awareness;
Define security gates and rules in terms of development.
This is what we believe is needed for this role
Coding experience in one or more general-purpose languages (e.g. .Net, Java, Ruby, Python);
Experience testing web applications/services, identifying, and remediating OWASP top 10 security flaws, and understanding large complex systems quickly;
Strong knowledge in basic HTTP/HTTPS protocol;
Pro-active and sense of ownership;
Good communication skills;
Fluency in English.
You have background in application security and/or static analysis (penetration testing / security code review / SCA tools);
Experience with Infrastructure as Code (Terraform and / or Ansible preferred);
Experience with common infrastructure cloud providers;
Experience with malware detection and analysis;
Experience with forensic analysis;
Experience with SIEM tools;
Strong understanding of cybersecurity standards and frameworks, e.g., ISO27001, NIST, CIS, OWASP, SANS;
Certifications such as OSCP, CISM, CISSP, GSEC.
What we offer
Fringe Benefits Policy;
Flexible Work Hours - adjust your schedule to your needs;
Work Setup - remote, hybrid, onsite - if your job can be done remotely, and you prefer to, you’re free to choose;
Hardware and software for a full remote setup;
Quarterly Events to discuss Strategy;
Autonomy and Ownership Culture;
Continuous feedback culture;
Remote / Hybrid / Lisbon / Coimbra
What you can expect from the recruitment
Screening call with HR
1st Interview (1h) HR and Hiring Manager We want to get to know you better and navigate through your experience, skills and motivation.
Technical Interview(1-2h) Hiring Manager and team members Deep dive into your skills and assessment of your technical knowledge.
Cultural Fit Interview (1h) HR Manager and one of our Founders Validate the cultural fit between you and Stratio and make sure you’re the person we’re looking for to help us build a #zerodowntimefuture.
We want inspiring individuals in our teams, where age, race, gender, sexual orientation, politics and religion do not matter, and seek to create a tolerant and open space for everyone. We thrive to provide an inclusive and trustworthy environment.
You can find our Culture Manifesto and more team information here.