We are looking for an Application Security Engineer for the location based in Dubai, UAE with the below skillsets,
1. Job Accountabilities Linked to Objective Areas:
• Depth knowledge of automated tools (Checkmarx, Fortify) and Manual Source Code review of programming language (Php, .Net, Objective C, Python, Java).
• Execute in-depth automated and manual discovery of security vulnerabilities in Web application and Mobile Apps (iOS & Android).
• Write comprehensive security assessment reports and make appropriate recommendations for the vulnerabilities that are identified during the security assessments.
• Provide necessary knowledge transfer of the vulnerabilities found during the assessments to the software engineering teams by means of meetings, walkthroughs, technical discussions etc. for implementing appropriate security fixes.
• Track all the identified security weaknesses and risks through their life-cycle from identification to resolution to verification and closure through the Information Security Risk Tracking system.
• Participate in evolving the assurance program on an ongoing basis to incorporate industry best practices, offensive and defensive attack techniques.
• Collaborate with software engineering teams to ensure a better understanding of the business and have to get more context for each assessments that needs to be carried out.
• Collaborate with application development teams on improving security in the Software Development Life Cycle (SDLC) by offering awareness, training, new tooling and expert review.
• Minimum Qualifications/Experience/Knowledge/Skills
Qualifications:
• Degree or honours (12+3 equivalent)
• Candidate with Computer Science or Computer Engineering preferred
Experience:
• 7+ years of relevant experience in the information security domain
Knowledge/Skill Set:
• Offensive Security Certified Professional (OSCP) – Preferred
• GIAC Web Application Penetration Tester (GWAPT) – Preferred
• Certified Information Systems Security Professional (CISSP) – Preferred
• Experience building tools and processes to reliably identify security issues such as SQLi, XSS, CSRF, and business logic flaws across large code bases.
• Expertise with browser security controls (CSP, XFO, HSTS, etc.), web application security topics such as OWASP Top 10, and authentication infrastructure (SAML, OAUTH, JWT).
• Experience in database, application, and web server security design, implementation & review.
• Knowledge on Infrastructure Security is a plus.
APPLY HERE
https://gulfcareerhunt.com/application-security-engineer-dubai-uae-2/