Application Security Engineer

Job Title:

We are Concentrix, an intelligent transformation partner that is solution-focused, tech-powered, and intelligence-fueled. As a global technology and services leader, we power the world’s best brands with unique data, insights, deep industry expertise, and advanced technology solutions. We shape new careers in over 70 countries, attracting top talent.

Join our Information Technology and Global Security team to deliver cutting-edge technology infrastructure, transformative software solutions, and industry-leading global security. Collaborate with the best in the world to design, implement, and strategize IT, security, and application development solutions in today’s hyperconnected environment. Be part of our core technology team that develops, builds, and runs the future of Integrated Services.

We value diversity, curiosity, and a willingness to learn. Your talent to help others and go beyond expectations will fit perfectly with our culture. Join us on this journey towards greater opportunities and brighter futures.

We seek an experienced Application Security Engineer to support cybersecurity initiatives across LATAM, Brazil, and Colombia. Your focus will be on performing application penetration testing and security assessments for mission-critical products and client applications. You will ensure compliance with industry and regional standards (such as PCI-DSS, GDPR, LGPD), identify vulnerabilities, and provide remediation guidance to development and business teams. This role is vital in maintaining our digital platforms' security and safeguarding against regulatory and reputational risks.

1. Conduct application penetration tests and security assessments for internal and external platforms across LATAM, Brazil, and Colombia.
2. Ensure compliance with PCI-DSS, GDPR, LGPD, and provide recommendations for addressing gaps.
3. Analyze vulnerabilities by severity and business risk; collaborate with engineering teams for remediation.
4. Produce assessment reports, dashboards, and executive summaries for leadership communication.
5. Partner with product and GPO teams to evaluate security readiness before product launches.

• 3+ years of experience in Application Security, including penetration testing of web, mobile, API, and thick client platforms.
• Experience with SAST, DAST, SCA tools, and manual security testing techniques.
• Knowledge of OWASP Top 10, CVE/CVSS scoring, and secure SDLC practices.
• Understanding of PCI-DSS, GDPR, and LGPD compliance requirements.
• Security certifications such as CSSLP, CISSP, GPEN, CEH, or similar (preferred).

Location: Medellin - Bello Niquia, Diagonal 55 #37-41, Nivel 3, Centro Comercial Estación Niquía

Language Requirement: English (Required)

Time Type: Full-time

If you are a California resident, by submitting your information, you acknowledge that you have read and have access to the Job Applicant Privacy Notice for California Residents