DevSecOps Engineer

LOQR is looking for a full-time DevSecOps Engineer
Together at LOQR, we’re “Empowering Digital Lives”. This is our vision, a vision that grew up inside us during the last few years and that will mark our future, define our brand and engrave our position in the Digital Society.

In 2020 we will keep contributing to accelerate a seamless transition to a secure digital world, which we believe to be our mission.

We will continue to use the Digital Identity as a key to inclusive growth and as our driving force in our quest to provide the invisible identity solution, enabler of simple digital experiences to solve complex day-to-day challenges to our business clients and partners, helping their migration to the digital world and embracing digital customers.

All these achievements are only possible because of our world-class team in which you could be part!

If you would like to help us, bring you unique DNA and come along with us in our digital journey!


What you can expect:

In this role, you will work with the operations, development and product teams to verify that our solutions satisfy the defined security criteria and applicable best practices and standards, conducting reviews of our applications and infrastructure estate, improving the automation of security and monitoring in our tech lifecycle.

Keys responsibilities:
  • Setup, development and improvement of relevant AppSec/InfraSec security tools.
  • Conducting penetration tests to our software stacks, including both in-house and third party components.
  • Conducting reviews of source code repositories and external container images, assuring that they are secure and stable.
  • Performing ad-hoc security assessments of in-house developed software and, whenever possible, integrate them in continuous development pipelines that ensure security requirements are met before deploying to production environments.
  • Advise and train the development teams on the adoption of relevant AppSec best practices and procedures.
  • Define security test cases during test automation and developing new tools to improve the security grade of our solutions and operations.
  • Investigation of incidents and platform anomalies, with forensics analysis and formal reports.
  • Automation of recurrent tasks and embedding security best practices.
  • Improving of our infrastructure for ease of software deployment, scalability, security and fault-tolerance.
  • Graduate degree in Computer Science, Security or Network & Communications Engineer.
  • Knowledge of the OWASP Top 10 and AppSec best practices.
  • Experience with IaaS and SaaS solutions in the top cloud providers.
  • Experience with continuous integration tools and processes.
  • Experience with Prometheus, Grafana, Ansible, Terraform, Docker and Kubernetes.
  • Scripting skills (Python, Perl, bash).
  • Organized and meticulous behavior in all tasks.
  • Positive approach with ethical conduct.
  • Proactiveness and great organization skills.
  • Politeness and excellent written and verbal communication skills (Portuguese and English).
  • To be based in LOQR’s HQ (in Felgueiras).

What do we offer:

  • Commitment to your happiness and success;

  • Integration in a top team delivering cutting edge technology to international customers;

  • Space to thrive and grow;

  • Involvement in a promising startup;

  • Health insurance;

  • 1.000m2 office were you can work, have fun and feel at home with:

    • Video console and table tennis

    • Showers and locker rooms;

    • Fully provisioned kitchen with fresh fruit; free breakfast and coffee.

This sounds like you?