Quick Summary
Our Way of Being and Doing
The Appmax team is made up of hands-on professionals who prioritize grit and collaboration. Every day, we work to help digital entrepreneurs sell more efficiently and easily. Inspired by our clients, we provide tools that enhance and maximize their results. Join our journey!
The Challenge
At Appmax, security is a core value, not just a department. Our advanced technological maturity has led to the creation of a dedicated Cybersecurity vertical. Previously, our security was expertly managed by the SRE team. Your role will be to technically guide the evolution of this security framework, reporting to technical management while maintaining close ties to our existing infrastructure.
You will collaborate closely with SRE and Engineering teams, actively implementing and evolving critical security controls that underpin our operations. This includes ensuring full synergy with compliance standards (Bacen, PCI) and operational resilience.
What You Will Do (Responsibilities):
- DevSecOps: Implement and maintain robust security controls integrated throughout the development lifecycle and within CI/CD pipelines.
- Security Engineering: Provide essential support for code reviews, focusing on security vulnerabilities in Go, PHP, or Python, and configure secure AWS environments.
- Vulnerability Management: Conduct and oversee pentest cycles and security scans, facilitating remediation efforts with engineering teams.
- Monitoring & Response: Lead the detection and response to security incidents, contributing to thorough root cause analysis and capturing lessons learned.
- Compliance: Ensure ongoing adherence to PCI-DSS, Bacen (Res. 4893/4945), and LGPD standards across Cloud Native architectures.
- Security Culture: Promote and disseminate best security practices among developers and SRE professionals.
What We Are Looking For (Requirements):
- Practical experience with cloud security in AWS environments (IAM, Security Groups, CloudTrail, Config).
- Strong knowledge in Application Security (AppSec), including OWASP Top 10 and security protocols (OAuth2, JWT, TLS).
- Hands-on experience with defensive security tools such as WAF, SIEM, centralized logging, and observability platforms.
- Familiarity with DevSecOps methodologies and integrating security into CI/CD pipelines.
- Proven ability to analyze and effectively respond to security incidents.
- Excellent communication skills and a collaborative approach for cross-functional teamwork.
Here at Appmax, Our Maxters Enjoy:
- All necessary equipment and resources for in-person, hybrid, or remote work models.
- Expense assistance for hybrid or remote employees.
- Flexfood, offering flexibility between meal and food allowances.
- Comprehensive Health and Dental Plan.
- Wellhub membership.
- Avus benefits.
- Starbem services.
- Pharmacy agreement.
- Transportation voucher.
- Life insurance.
- Guapeco Pet Plan.
- Upmaxter program to support professional development and studies.
- A supportive environment that fosters development and high performance through monthly performance checkpoints, 1:1 meetings, continuous feedback, PDI monitoring, and more.

