Competecy center Vulnerability Management-SAST/SCA /DAST/BITSIGHTAt Lùkla, we partner with leading international organizations operating in highly regulated and business-critical environments.We are looking for a Cybersecurity Consultant focused on Application Security to join an international cybersecurity team, contributing to the implementation and continuous improvement of application security practices within complex enterprise environments.The professional will be responsible for supporting Secure Software Development Lifecycle (SSDLC) initiatives, vulnerability management activities, and the implementation of security controls throughout the application development lifecycle.Key Responsibilities- Implement and perform application security assessments, including: SAST (Static Application Security Testing); DAST (Dynamic Application Security Testing); SCA (Software Composition Analysis); Support the deployment and maintenance of code analysis and dependency management solutions - Identify, assess, and track application security vulnerabilities - Collaborate with development teams to mitigate security risks and promote secure coding practices - Participate in the implementation and enhancement of Secure SDLC processes - Automate vulnerability management and reporting processes through scripting and tooling - Monitor security metrics, compliance status, and remediation follow-up activities - Promote security awareness and AppSec best practices across technical teams - Contribute to the continuous improvement of the Application Security community and initiativesTechnical Requirements- Experience with application security and vulnerability management tools (e.g., Fortify, Qualys, Nexus IQ, Kubernetes, among others) - Strong understanding of OWASP Top 10 and secure coding principles - Knowledge of frontend and backend development technologies (Java, Angular, REST APIs, etc.) - Experience with automation and scripting, preferably using Python - Previous experience in Application Security, Cybersecurity, or IT Risk environments - Ability to work collaboratively within multidisciplinary teamsNice to Have- Security certifications such as CISSP, CISM, CEH, CCSP, CISA, CRISC, ISO27001, or similar - Strong analytical and problem-solving skillsProfile- Recetive for an hybrid Regime - Located in Porto - Fluent in English - Proactive mindset with strong critical thinking abilities - Excellent communication and collaboration skills - Passion for application security and emerging cybersecurity challenges