We are looking for a senior cybersecurity engineer with a strong consulting mindset to help organizations design, implement, and mature secure software development practices across complex, primarily on‐premises environments.this role combines deep expertise in application security (appsec) and secure software development lifecycle (ssdlc) with hands‐on knowledge of infrastructure security, particularly in kubernetes and containerized platforms deployed on‐prem.you will work closely with engineering teams, platform teams, and security leaders to embed security into development and deployment processes.the ideal candidate is comfortable operating in client‐facing environments, navigating legacy and modern systems, and translating technical risks into actionable business outcomes.you bring a pragmatic, risk‐based approach and are interested in evolving domains such as ai security and secure ai adoption.key responsibilitiesapplication security & ssdlcdesign and implement secure software development lifecycle (ssdlc) practices.perform and guide secure code reviews, threat modeling, and security design assessments.integrate security controls into ci/cd pipelines (sast, dast, sca, secrets scanning).
define and promote secure coding standards across development teams.support developers in vulnerability remediation and secure design decisions.infrastructure & kubernetes security (on‐prem focus)assess and improve security of on‐premises infrastructure and kubernetes environments.identify risks in cluster configurations, workloads, network segmentation, and access controls.implement and recommend best practices for container security, runtime protection, and platform hardening.collaborate with infrastructure teams to secure bare‐metal or virtualized environments supporting kubernetes.review and secure infrastructure‐as‐code and deployment configurations where applicable.identify and assess risks in ai/ml‐enabled applications and workflows.advise on secure usage of llms and ai‐driven systems (e.g., prompt injection, data leakage, model misuse).
support secure integration of ai into development and operational processes.vulnerability management (app & infra)support and improve application and infrastructure vulnerability management programs.prioritize vulnerabilities based on risk, exploitability, and operational impact.guide remediation efforts and track progress across teams.consulting & client engagementact as a trusted advisor on application and infrastructure security topics.conduct security assessments, gap analyses, and maturity evaluations.translate technical findings into clear, business‐oriented recommendations.work across multiple stakeholders in complex, often legacy‐heavy environments.documentation & communicationproduce clear, structured technical and executive‐level deliverables.communicate risks in a clear, non‐alarmist, business‐relevant manner.support workshops, presentations, and discussions with technical teams and leadership.requirements7+ years of experience in application security, product security, or related roles.strong experience implementing and operationalizing ssdlc practices.hands‐on experience with secure code review, threat modeling, and security testing tools (sast, dast, sca).
experience working in on‐premises environments, including traditional infrastructure and/or private data centers.practical experience securing kubernetes and containerized workloads.strong understanding of application‐layer vulnerabilities (owasp top 10).
experience integrating security into ci/cd pipelines and devsecops workflows.familiarity with infrastructure security concepts (network segmentation, hardening, access control).
experience with vulnerability management programs across application and infrastructure layers.exposure to ai/ml security concepts and associated risks.strong ability to translate technical findings into business impact.excellent communication skills, with experience in consulting or client‐facing environments.experience in security consulting or professional services.hands‐on experience with kubernetes security tooling (falco, kyverno, opa/gatekeeper, trivy).
what we valuea strong consultative mindset: guiding teams and influencing decisions.pragmatic, risk‐based approach to security in real‐world environments.ability to work across modern and legacy infrastructure seamlessly.strong collaboration with development, infrastructure, and platform teams.curiosity and adaptability in emerging areas like ai security.clear, structured communication for technical and non‐technical audiences.proactive mindset in identifying security gaps and improvement opportunities.comfort working in complex, ambiguous, and evolving environments.ownership and accountability in client engagements and deliverables.nice to haveexposure to cloud environments (aws, azure, or gcp) (not required).
familiarity with container runtime security and monitoring solutions.knowledge of software supply chain security practices (sboms, signing, etc.).
experience with automation and scripting (python, bash).
exposure to ai‐assisted tools or ai‐driven workflows.familiarity with compliance frameworks (soc 2, iso *, nist).
certifications — highly valuedcsslp (certified secure software lifecycle professional)oscp / oswe (offensive security certifications)gwapt / gweb (giac web/appsec certifications)kubernetes certifications (cka, ckad, cks)what we offerexciting and innovative projects for disruptive start‐ups and world‐class companies.a creative working environment with a positive and collaborative atmosphere within an open‐minded community.a senior team that offers mentorship opportunities to help you excel in your career.enjoy a range of benefits at qubika, including flexible work hours, ongoing skill development, language lessons, travel opportunities, engaging activities, expert talks, and more.this job opening includes people registered in the national registry for persons with disabilities (registro nacional de personas con discapacidad - ley n° *) who meet the conditions and suitability for the position.if you require any accommodations during the application process, please reach out to us at .
#j-*-ljbffr