Software Mind

Technology

SeniorSecurityAnalyst-ApplicationSecurity&DevSecOps

$28500–42500k ~AI est. San José, San José Province, Costa Rica FULL TIME Remote Friendly

Market Sentiment

HIGH DEMAND

Neural analysis suggests this role is
optimal for mid candidates.

The Brief

“Senior Security Analyst- Application Security & DevSecOps at Software Mind. Skills: Application Security, DevSecOps, Secure SDLC, Cloud Security. Partner with development teams. Embed secure coding practices”

What You'll Achieve.

Drive phased maturity roadmap; Build durable capability

Industry & Context.

Technology

Problems you'll solve

Risk assessment; Root cause analysis

What They're Looking For.

Must Have

5+ years of experience in Application Security, 5+ years of experience in DevSecOps, Hands-on AppSec background, Hands-on DevSecOps background, SAST/DAST/SCA experience, CI/CD pipeline security experience, Secrets management experience, Product security review experience, Technology security review experience, Experience with CI/CD tooling, Experience with source control tooling, Cloud security experience in AWS, Cloud security experience in Azure, +90% English proficiency

Nice to Have

Experience in a SOC 2 environment, Experience in a ISO 27001 environment, Threat modeling experience, AI/ML security experience, AI/ML governance experience

What You'll Do.

Partner with development teams

Embed secure coding practices

Assess development practices

Drive maturity roadmap

Lead developer enablement initiatives

Provide secure coding guidance

Conduct threat modeling

Manage security champions program

Integrate secrets scanning

Tune secrets scanning

Deliver fast feedback

Evaluate prospective products

Evaluate developer tooling

Confirm alignment with best practices

Conduct architecture reviews

Conduct design reviews

Assess authentication

Review third-party risk

Review supply chain risk

Define conditions for safe use

Produce risk-based assessments

Produce recommendations

Align product reviews

Implement policy-as-code guardrails

Implement IaC security controls

Drive cloud posture improvements

Establish supply chain security controls

How You'll Work.

Team & Collaboration

Partner with development teams; Coach developers; Present risk to technical audiences; Present risk to executive audiences

Communication Scope

Risk presentation

Process & Methodology

Roadmap planning

Full Job Description

We are Software Mind, an awesome team of engineers who are ready to ramp up any top-notch company’s projects! Our aim? To always be one step ahead. Become part of a multicultural company in constant growth with an excellent work environment certified by Great Place To Work! Overview Software Mind is seeking qualified candidates to fill the role of Senior Security Analyst- Application Security & DevSecOps In addition to a competitive salary rate and a positive work environment, we are committed to delivering high-quality technology solutions, we also offer: * Flexible schedules * An authentic work-life balance * Payment in US Dollars Senior Security Analyst – Application Security & DevSecOps About the Role We are seeking a Senior Security Analyst with a strong background in Application Security and DevSecOps , focused on embedding security throughout the software development lifecycle. This is not a traditional SecOps monitoring role — the ideal candidate is someone who partners closely with engineering teams, drives security program maturity, and can assess technology risk at both a technical and strategic level. ## Qualifications Key Responsibilities SSDLC Maturity & Developer Enablement * Partner with development teams to embed secure coding practices throughout the SDLC, shifting security from a final gate to a shared, integrated responsibility * Assess current development practices against Secure SDLC standards, identify gaps, and drive a phased maturity roadmap with measurable milestones * Lead developer enablement initiatives — secure coding guidance, threat modeling, and a security champions program — that build durable capability within engineering teams * Integrate and tune SAST, DAST, SCA, and secrets scanning in CI/CD pipelines (Azure DevOps, Bitbucket) to deliver fast, in-workflow feedback with minimal friction Product & Technology Security Review * Evaluate prospective products, platforms, SaaS tools, and developer tooling to confirm alignment with secu

Free ATS check

Applying for this Senior Security Analyst- Application Security & DevSecOps role?

Most applicants get filtered before a human reads their resume. See if yours makes the cut.

Should you apply? AI reads your resume vs this job — match score, gaps to address, ATS keywords.

SKILL SIGNAL 31 detected · ranked by frequency

Secure coding practices ×3

Threat modeling ×3

Policy-as-code ×3

Infrastructure-as-code ×3

Configuration hardening ×3

CIS benchmark alignment ×3

Network segmentation ×3

Dependency governance ×3

Code signing ×3

Application Security ×2

DevSecOps ×2

Secure SDLC ×2

Cloud Security ×2

Azure DevOps ×2

Bitbucket ×2

SAST

DAST

SCA

CI/CD

AWS

Azure

M365

WAF

Risk assessment

System design

Architecture review

Vendor security posture

SAST tools

DAST tools

SCA tools

Secrets scanning

Role Details

Seniority Senior

Experience 5–10 yrs

Level mid

Work Mode Flexible

Type FULL TIME

Category software

Salary Band 200k+

AI-Extracted Insights

Domain Areas

secure-sdlc-standardsnist-ssdfowasp-sammowasp-asvsbsimmcloud-securitysupply-chain-riskai-ml-components

Certifications

CSSLPGWAPTCISSPCloud security certifications

How to Apply on SmartRecruiters

SmartRecruiters often includes a video screening step — check camera and mic permissions.
Link your GitHub or portfolio directly in the profile section for technical roles.
Applications may be reviewed by AI scoring before reaching a recruiter — use keywords from the job description.

ANONYMOUS · UNFILTERED

What do employees actually say about Software Mind?

Real rants from real employees. Read before you apply.

Read Company Rants →