Engineering

Secure Development Analyst

1 de ago. de 2025

About NeoSpace:


NeoSpace is an innovative startup shaping the future of technology with cutting-edge artificial intelligence solutions. We develop specialized AI models to optimize processes and transform our clients' experiences. Our mission is to simplify people's lives and enhance business efficiency by creating smarter, more accessible products and services.

Responsibilities:

  • Implement and manage tools such as SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), Secret Scanning, Container Security, MAST (Mobile Application Security Testing), and IaC Security.

  • Conduct and coordinate penetration tests (Pentests) to ensure application security.

  • Promote and lead training sessions on the OWASP Top 10 for APIs, Web, and LLMs.

  • Evaluate and implement secure development practices for products using AI and LLMs.

  • Collaborate with development and product teams to ensure security from design to delivery.

  • Create and maintain security policies and standards for cloud environments and infrastructure as code (IaC).

  • Monitor and analyze emerging threats to recommend corrective actions and improve security processes.

  • Support security audits and regulatory compliance efforts.

  • Guide secure product development, ensuring adherence to best security practices for AI and LLMs.

Requirements:

  • Solid experience with SAST, DAST, Secret Scanning, Container Security, and IaC Security tools.

  • Advanced knowledge in web, API, and mobile application security.

  • Experience in penetration testing and vulnerability management.

  • Familiarity with OWASP Top 10 for API, Web, LLM, and OWASP ASVS.

  • Experience with AI and Large Language Model (LLM) security.

  • Ability to guide secure development of AI-based products.

  • Knowledge of container and Kubernetes hardening.

  • Experience with Secure Development Life Cycle (SDLC) and DevSecOps practices.

  • Secure coding skills in languages such as Python, JavaScript, Go, Shell Script, or other relevant ones.

  • Experience with CI/CD tools and security automation.

Nice-to-Haves:

  • Certifications such as OSCP, CSSLP, CEH, GCPN, or similar.

  • Knowledge in both offensive and defensive security.

  • Experience with frameworks such as CIS Controls, MITRE ATT&CK, and NIST.

  • Understanding of secure AI governance and regulatory compliance.

We Offer:

  • CLT contract (Brazilian labor law employment)

  • Flash multi-benefits card

  • Birthday day off

  • Wellhub (Gympass)

  • SulAmerica Health and Dental Insurance (100% covered by Neo for the employee)

Security Analyst (Blue Team) ›