Broxer
Juntar
This page was automatically translated and may contain errors. View in English.
malomatia

Application Security Specialist

malomatia

Doha, Doha Municipality, Qatar · Tempo total

Seja o primeiro a se candidatar

Experiência
3+ yrs
Salário
Vagas
1
Publicado
há 4 horas
Work mode
No escritório
Educação
Bachelor’s degree in Computer Science, Information Security, or related field
Resume
Required to apply

Where you'll work

Descrição da vaga

Role Overview

We are looking for an Application Security Specialist who can help protect applications throughout the entire development and release cycle. In this role, you will partner with development, DevOps, and QA teams to build security into web, mobile, API, and thick-client applications from the start.

The position centers on finding security weaknesses, running testing activities, promoting secure development habits, and embedding security checks into CI/CD workflows through a DevSecOps mindset.

Key Responsibilities

  • Test web, mobile, API, and thick-client applications for security issues using penetration testing methods.
  • Use automated tools and techniques such as SAST, DAST, and SCA to uncover flaws in code, configurations, and third-party dependencies.
  • Conduct threat modeling during the design stage to spot potential risks and define practical mitigation steps.
  • Review source code from a security perspective and give developers clear, actionable remediation advice.
  • Build security controls into CI/CD pipelines to support DevSecOps delivery.
  • Create and run secure coding training sessions and awareness programs for development teams.
  • Assess application security products and recommend suitable tools and technologies.
  • Document assessment results, vulnerabilities, and application security standards in a clear and maintainable way.

Requirements

  • At least 3 years of experience in application security, secure software development, or penetration testing.
  • Practical, hands-on experience testing web, mobile, API, and other application types.
  • Strong working knowledge of Burp Suite, which is required, plus familiarity with tools such as Snyk, HCL AppScan, Fortify, and Postman.
  • Solid understanding of secure coding principles and proficiency in at least one programming language.
  • Experience working with DevSecOps processes and integrating security into CI/CD pipelines.
  • Good knowledge of OWASP Top 10, ASVS, MASVS, WSTG, and MSTG.
  • Understanding of common vulnerability categories, exploitation approaches, and remediation methods.
  • Strong analytical ability along with reporting and communication skills.
  • Bachelor’s degree in Computer Science, Information Security, or a closely related discipline.

Preferred Certifications

  • OffSec certifications such as OSWA or OSWE.
  • eLearnSecurity certifications such as eWPT or eWPTX.
  • GIAC / SANS certifications such as SEC542 or GWAPT.
  • Other recognized application security certifications.

Additional Advantage

Knowledge of the Qatar National Information Assurance (NIA) framework will be considered a plus.

Habilidades

Segurança de aplicações web Suíte Burp Application Security Penetration Testing API Security Threat modeling DevSecOps Secure Code Review CI/CD Integration Security Scanning Mobile Application Security OWASP Standards

Deixe este campo se desejar uma resposta — não o utilizaremos para mais nada.

Clique para navegar, arrastar e soltar, ou colar uma captura de tela

PNG, JPG, GIF, MP4, WebM, MOV · Máximo de 20 MB cada · Até 5 arquivos