Manager, Application Security

Job Title
Manager, Application Security Majid Al Futtaim Global Solutions Dubai, UAE
Job Description
Manager, Application Security Majid Al Futtaim Global Solutions Dubai, UAE

Position Overview
Majid Al Futtaim Global Solutions is seeking an experienced Manager, Application Security to lead enterprise-wide cybersecurity initiatives focused on vulnerability management, penetration testing, and application security. This role is responsible for ensuring all applications, infrastructure, and digital platforms remain secure and compliant across the organization. The ideal candidate will bring strong technical expertise in DevSecOps, offensive security, and risk governance to help safeguard MAF s technology environment against emerging threats.

Job Details
Country: UAE
City: Dubai
Industry: I T and Services
Function: Computer-Network Security
Gender: Any
Candidate Nationality: Any
Job Type: Full-time

Key Responsibilities

* Lead the enterprise-wide Vulnerability Management (VPAT) Program, ensuring continuous assessment, risk prioritization, and timely remediation of vulnerabilities.
* Oversee penetration testing and red teaming exercises across applications, cloud, and infrastructure environments.
* Conduct offensive security assessments aligned with MITRE ATT&CK and OWASP frameworks to evaluate system resilience.
* Manage the Application Security and DevSecOps program, embedding security testing into CI/CD pipelines.
* Perform Static and Dynamic Application Security Testing (SAST/DAST) and ensure API and microservices security.
* Collaborate with developers, managed service providers, and internal stakeholders to ensure secure coding practices and vulnerability closure.
* Ensure compliance with ISO 27001, NIST, PCI DSS, and CIS benchmarks.
* Develop executive reports and dashboards highlighting risk trends, security posture, and remediation progress.
* Support audit readiness and maintain detailed documentation of all testing and remediation activities.

Ideal Profile

* Bachelor s degree in Cybersecurity, Computer Science, or Engineering.
* 5 7 years of experience in vulnerability management, penetration testing, and application security.
* Proven experience with DevSecOps and CI/CD pipeline integration.
* Hands-on expertise in securing hybrid, cloud, and on-prem environments.
* Strong knowledge of SIEM, IAM, WAF, EDR, CASB, and DLP systems.
* Relevant certifications such as OSCP, OSCE, GPEN, GWAPT, GCSA, or Certified DevSecOps Professional.
* Excellent communication, analytical, and leadership skills with the ability to manage cross-functional collaboration.

Skills Set

* Penetration Testing and Vulnerability Assessment
* Application Security and DevSecOps
* Red Teaming and Threat Simulation
* Cloud and Infrastructure Security
* Risk Governance and Compliance Reporting
* Secure Coding and API Protection