Application Security And Compliance Engineer

Lead compliance initiatives for industry standards and improve software security practices
Porto, Portugal
Senior
6 days ago
DSR Corporation

A global software development company specializing in custom software solutions, IoT, and embedded systems.

Security Compliance Engineer

We are currently looking for a Security Compliance Engineer to ensure IT systems, processes, and policies align with industry standards, regulatory requirements, and security best practices. This role involves conducting risk assessments, implementing compliance requirements, and working with software development teams to maintain and improve the practical side of software security.

Responsibilities:

  • Lead compliance efforts for frameworks such as SOC 2, ISO 27001, NIST, GDPR, HIPAA, PCI-DSS, CCPA, and other relevant standards.
  • Conduct gap assessments and implement remediation plans to meet compliance requirements.
  • Maintain documentation, policies, and procedures to support audits and certifications.
  • Assist in vulnerability management, penetration testing, and security monitoring.
  • Work with development teams to implement security controls and mitigate risks.
  • Develop, update, and enforce security policies, standards, and guidelines.
  • Train teams on compliance requirements and security best practices.

Requirements:

  • 3+ years of experience in Web Application Software Development
  • 3+ years in security compliance, risk management, or Web Application Security
  • Hands-on experience with compliance frameworks (e.g., SOC 2, ISO 27001, NIST, GDPR).
  • MS (preferred) or BS degree in Computer Science or equivalent work experience
  • Strong understanding of secure software development principles (secure coding, authentication, encryption).
  • Strong understanding of OWASP Top 10 and CWE Top 25.
  • Hands-on experience with penetration testing and vulnerability assessment tools (e.g., Burp Suite, OWASP ZAP, Metasploit, Nmap, Snyk).
  • Strong problem-solving skills.
  • Technical leadership experience
  • Experience working in a distributed team
  • Fluent English

Skill Keywords:

  • Security Compliance
  • Regulatory Compliance
  • ISO 27001
  • SOC 2
  • NIST
  • GDPR
  • HIPAA
  • PCI-DSS
  • Risk Assessment
  • Audit Management
  • Vulnerability Management
  • Penetration Testing
  • Cloud Security (AWS/Azure/GCP)
  • IAM (Identity & Access Management)
  • SIEM (Security Information & Event Management)
  • GRC (Governance, Risk, Compliance)
  • Policy Development
  • OWASP ASVS
  • Secure Design
  • Secure Coding
  • Web Application Security
  • Cloud Security
  • API Security
  • Threat Modeling
  • Security Automation
  • Linux
  • Windows

What we offer:

  • Competitive salary and great benefits.
  • Accelerated career growth.
  • Flexible schedule and remote-friendly policy.
  • Office in the center of Porto.
  • Employer-sponsored health insurance.
  • Strong work-life balance emphasis.
  • Extra holidays.