Application Security Engineer Dubai UAE

Position: Application Security Engineer

Date posted: 2022-01-26

Industry: IT

Employment type: Full Time

Experience: 7 years

Qualification: Bachelor’s/Master Degree holder

Salary: AED 10000 to 20000

Location: Dubai, United Arab Emirates

Company: Confidential

Description:

We are looking for an Application Security Engineer for the location based in Dubai, UAE with the below skillsets,

1.      Job Accountabilities Linked to Objective Areas:

  • Depth knowledge of automated tools (Checkmarx, Fortify) and Manual Source Code review of programming language (Php, .Net, Objective C, Python, Java).
  • Execute in-depth automated and manual discovery of security vulnerabilities in Web application and Mobile Apps (iOS & Android).
  • Write comprehensive security assessment reports and make appropriate recommendations for the vulnerabilities that are identified during the security assessments.
  • Provide necessary knowledge transfer of the vulnerabilities found during the assessments to the software engineering teams by means of meetings, walkthroughs, technical discussions etc. for implementing appropriate security fixes.
  • Track all the identified security weaknesses and risks through their life-cycle from identification to resolution to verification and closure through the Information Security Risk Tracking system.
  • Participate in evolving the assurance program on an ongoing basis to incorporate industry best practices, offensive and defensive attack techniques.
  • Collaborate with software engineering teams to ensure a better understanding of the business and have to get more context for each assessments that needs to be carried out.
  • Collaborate with application development teams on improving security in the Software Development Life Cycle (SDLC) by offering awareness, training, new tooling and expert review.
  • Minimum Qualifications/Experience/Knowledge/Skills

Qualifications:

  • Degree or honours (12+3 equivalent)
  • Candidate with Computer Science or Computer Engineering preferred

Experience:

  • 7+ years of relevant experience in the information security domain

Knowledge/Skill Set:

  • Offensive Security Certified Professional (OSCP) – Preferred
  • GIAC Web Application Penetration Tester (GWAPT) – Preferred
  • Certified Information Systems Security Professional (CISSP) – Preferred
  • Experience building tools and processes to reliably identify security issues such as SQLi, XSS, CSRF, and business logic flaws across large code bases.
  • Expertise with browser security controls (CSP, XFO, HSTS, etc.), web application security topics such as OWASP Top 10, and authentication infrastructure (SAML, OAUTH, JWT).
  • Experience in database, application, and web server security design, implementation & review.
  • Knowledge on Infrastructure Security is a plus.

Leave a Reply

Your email address will not be published. Required fields are marked *