Lead security reviews of software development for new product features and enhancements.
Plan and execute threat modelling activities within the software development lifecycle [following Safe Agile] to assess the security controls required for a given application.
Provide application security guidance and oversight across Security, Engineering & Product teams by participating in design, architecture, and code reviews.
Plan, scope and execute application security reviews and engage with product teams and developers to clarify security requirements.
Validate, triage, and coordinate with the software development team to remediate vulnerabilities discovered through threat modelling and design review activities.
Raise incidents and work on them with Operations and Development teams to ensure proper and rapid fixes.
Provide subject matter expertise on security controls, and secure coding and design practices across development teams.
Ensure that all solutions are in line with GDPR and UAE Data Protection Laws.
Understand the architecture of various cloud (GCP/OCI/Azure) components related to compute, storage, network, and security.
Able to understand and translate the security concerns and suggestions raised during assessment of solutions by DevSecOps.
Able to provide a workaround for a security issue when the suggested solution cannot be implemented due to time, cost, or scope limitations.
Develop and maintain documentation of application security controls.
Understand OWASP and align coding practices accordingly.