This page was automatically translated and may contain errors. View in English.
DOHA BANK

IT Application Security Specialist

DOHA BANK

Doha, Doha Municipality, Qatar · Tempo total

Seja o primeiro a se candidatar

Experiência
8–12 anos
Salário
Vagas
1
Publicado
há 3 horas
Modo de trabalho
No escritório
Educação
Bachelor's degree in Computer Science or related field
Retomar
Obrigatório candidatar-se

Onde você trabalhará

Descrição da vaga

About the Role

The IT Application Security Specialist will spearhead the development, implementation, and management of application security across enterprise-wide systems. The role ensures applications are safeguarded by design and comply with internal policies plus regulatory mandates.

Key Responsibilities

  • Develop and uphold the enterprise-wide application security framework.
  • Incorporate secure-by-design principles into all applications.
  • Track security effectiveness through key performance indicators, such as vulnerability mitigation and resolution times.
  • Enhance the maturity of application security continually.
  • Design secure system architectures for applications, APIs, and microservices, leading threat modeling exercises using methodologies like STRIDE.
  • Enforce security design patterns including authentication, encryption, and data protection techniques and actively participate in architecture governance.
  • Integrate security processes and tools into CI/CD workflows, including managing SAST, DAST, and SCA solutions.
  • Define and apply secure coding standards guided by OWASP Top 10 vulnerabilities while automating security checks in development pipelines.
  • Design and maintain secure cloud architectures on platforms such as AWS and Azure, applying Identity and Access Management and Zero Trust concepts.
  • Secure container environments such as Kubernetes and OpenShift; implement monitoring, logging, and threat detection measures in cloud environments.
  • Coordinate comprehensive security testing, including vulnerability assessments, penetration tests, and ensure effective remediation of discovered vulnerabilities.
  • Collaborate closely with Security Operations Centers to bolster monitoring and incident response, supporting SIEM use cases and security trend analysis.
  • Ensure compliance with standards and regulations like PCI DSS, SWIFT CSP, and ISO 27001; support audits and develop security policies and procedures.
  • Serve as a trusted advisor by providing security guidance to development, DevOps, and architecture teams and conduct training on secure coding.

Qualifications and Experience

  • Bachelor's degree in Computer Science, Cybersecurity, Software Engineering, or related fields.
  • Minimum of 8 to 12 years of cybersecurity experience, with strong emphasis on application security, DevSecOps, and cloud security.
  • Experience in financial services or banking industries is preferred.

Required Skills and Competencies

  • In-depth knowledge of OWASP Top 10 vulnerabilities and secure coding methods.
  • Expertise in secure software development lifecycle and threat modeling techniques.
  • Strong understanding of API and web application security concepts.
  • Proficiency with security testing tools such as SAST, DAST, and Software Composition Analysis (SCA).
  • Experience with cloud platforms, particularly AWS and Azure, including container security with Kubernetes/OpenShift.
  • Familiarity with SIEM systems, vulnerability management, and continuous security monitoring.
  • Excellent analytical thinking, communication, and stakeholder engagement capabilities.
  • Capability to influence cross-departmental teams and detailed risk awareness.

Certifications

  • At least two of the following are required: CISSP, CCSP, CISM, or CRISC.
  • Preferred certifications include CEH, Microsoft Azure Security Engineer (AZ-500), AWS Security Specialty, or OSCP.

Additional Information

  • This position requires close interaction with development, infrastructure, and security teams.
  • The role combines strategic planning with active technical involvement.
  • Experience working in regulated environments is an advantage.

Deixe este campo se desejar uma resposta — não o utilizaremos para mais nada.

Clique para navegar, arrastar e soltar, ou colar uma captura de tela

PNG, JPG, GIF, MP4, WebM, MOV · Máximo de 20 MB cada · Até 5 arquivos

🤖
Online · ajuda instantânea de IA