The Appmax team is made up of hands-on people who prioritize grit and collaboration. We strive every day to enable digital entrepreneurs to sell more, more efficiently and more easily. We are inspired by our clients and are here to serve them and provide tools that will enhance and maximize their results. If you also want to join us on this journey, apply and become a part of it!
The SRE area exists to ensure the high availability and reliability of systems and services, continuously improving infrastructure and operations processes, working closely with development teams to ensure software engineering practices are integrated with operability, promoting effective software delivery aligned with the company's business objectives. This role requires a focus on Information Security (DevSecOps) with experience in regulated financial environments (e.g., Bacen, PCI DSS, others). We are looking for someone passionate about working with Cloud Native architectures and applications, Open Source tools, and everything in the SRE world, as well as having the willingness to develop and learn constantly (lifelong learning), acting on innovative projects with high impact in the digital financial market. So, do you want to build your future with us?
Your responsibilities will include:
- Assist in the development of automations, tools, and security functionalities.
- Perform manual and automated static code reviews (Secure Code Review) using approved tools, in languages such as PHP, Go, Python, and Javascript.
- Execute proof of concepts on identified vulnerabilities.
- Develop documentation and security guidelines, also considering regulatory requirements and best practices from the Central Bank and RSFN.
- Identify technical debt in the area and propose solutions.
- Analyze, identify, and address information security incidents.
- Analysis and approval of firewall rules.
- Administer AWS cloud environments.
- Create and maintain detailed documentation on infrastructure and operational processes, providing training to other team members.
- Help replicate knowledge and best practices with other teams.
- Identify bottlenecks and optimize system and application performance.
- Act in incident management and response, collaborating with other teams to minimize user impact.
- Work with other teams to improve the overall reliability of Appmax's systems.
- Create and maintain dashboards and reports to communicate system status to stakeholders.
- Drive automation initiatives and develop tools for deployment, monitoring, and troubleshooting.
- Implement DevOps and CI/CD practices with a focus on security and compliance.
You could add a lot to our team if you have:
- Security topics and technologies such as HTTP, SSL/TLS, WAF, REST, SOAP, Cryptography, JWT, POS, NFC, 2FA, and TOTP.
- Most common vulnerabilities (OWASP TOP 10).
- Regulations and compliance such as PCI-DSS, LGPD, and Bacen regulations (e.g., Res. 4893, 5059).
- OWASP SAMM methodology and secure development practices.
- Access and profile review (RBAC).
- Application security and incident mitigation in WAF.
- Concepts of ISO 27k, CWE, CVSS, CVE, MITRE ATT&CK, EDR, and MDR.
- Experience with AWS cloud, Kubernetes (EKS), observability (Elastic Search, Zabbix, New Relic, CloudWatch).
- Automation and IaC (Ansible, Terraform).
- Windows and Linux operating systems.
- Containers (Docker), CI/CD, and relational and NoSQL databases.
- Programming & scripting (Python and/or Shellscript).
You will stand out if you have:
- Previous experience in the financial sector, especially with institutions regulated by Bacen.
- Knowledge of RSFN operation, secure communication, and ICP-Brasil certifications.
- Experience with messaging integrations and communication via RSFN.
- Intermediate knowledge of ISO 27001.
- Certifications (AWS, Kubernetes, Terraform, FinOps, CompTIA Security+, CISSP, CISM).
- Experience with DBA/DBRE, Helm, FinOps, or mission-critical services with high availability.
- Ongoing or completed Higher Education in IT or related areas.
- Experience in multi-account environments (AWS).
Here at Appmax, our Maxters find:
- All necessary equipment and resources to work in-person, hybrid, or remote models.
- Cost of living allowance for expenses for those working hybrid or remote.
- Flexfood, so you don't have to choose between VR or VA.
- Health and Dental Plan.
- Wellhub.
- Avus.
- Starbem.
- Pharmacy convenio.
- Transportation voucher.
- Life insurance.
- Upmaxter to assist with your studies.
- An environment that favors and encourages development and high performance with monthly performance checkpoints, 1:1 practices, continuous feedback routines, PDI monitoring, and more.