Job Title - Information Security Engineer About the Role We're seeking a skilled Information Security Engineer to join our team in LATAM, Brazil, and Colombia regions. This role will focus on performing application penetration testing and security assessments for mission-critical products and client applications. The successful candidate will ensure compliance with industry and regional standards (such as PCI-DSS, GDPR, LGPD), identify vulnerabilities, and provide actionable remediation guidance to development and business teams. This position is critical in maintaining the security posture of our digital platforms and preventing regulatory and reputational risk. Responsibilities - Conduct application penetration tests and security assessments for internal products and external client platforms across LATAM, Brazil, and Colombia. - Ensure compliance with key regulatory frameworks including PCI-DSS, GDPR, and LGPD, and provide recommendations to address gaps. - Analyze and classify vulnerabilities by severity and business risk, and collaborate with engineering teams to guide remediation efforts. - Produce detailed assessment reports, dashboards, and executive summaries to communicate findings to leadership. - Partner with the product and GPO teams to evaluate security readiness before product go-to-market launches. Qualifications - 3+ years of experience in Application Security, with hands-on penetration testing across web, mobile, API, and thick client platforms. - Demonstrated experience with tools for SAST, DAST, SCA, and manual security testing techniques. - Solid knowledge of OWASP Top 10, CVE/CVSS scoring, and secure SDLC practices. - Proficiency in compliance requirements related to PCI-DSS, GDPR, and LGPD. - One or more security certifications such as CSSLP, CISSP, GPEN, CEH, or similar. Location COL Medellin - Bello Niquia - Diagonal 55 #37-41, Nivel 3, Centro Comercial Estación Niquía Language Requirements English (Required) Time Type Full time