Description:
We have a urgent requirement for a Mobile Application Security Engineers to be based in Dubai, United Arab Emirates
This is an initial 1 year with possible extensions.
Responsibilities:
- Encourage ‘Shift Left’ Mindset – Proactively embed security requirements, by influencing implementation of security & privacy patterns from the start of the development cycle
- Implement via Influence – Influence stakeholders such as Product Owners, Solution Architects, Developers, Testers, Engineers & others to include security patterns into features, epics and stories in order to build secure, innovative & superior digital products for customers and employees
- Assessments – Perform security assessment and perform gap analysis to provide appropriate remediations to the teams for implementing the fixes. Key Skills – Web and Mobile Application Security, Security Code review, API security, Platform security, IAST, SAST, DAST,
- Tools and Technologies – Expertise Burp Suite, MobSF, Frida, Kali Linux, Nessus, Checkmarx SAST, Kubernetes, Docker, Jenkins, GitHub, OpenShift and good knowledge about microservice architecture and pipeline driven security
Qualifications:
- Bachelor’s degree in a computer-related field such as computer science, cyber/information security discipline, physics, mathematics or similar.
- Must have minimum 4 years of experience in an information security function with good background in information technology, stakeholder management and people management.
- Minimum 3 years of experience, as a Security Engineer especially in Cloud Native environments
- Deep foundational knowledge of Mobile Applications, Intensive skills on SSL pinning bypass, root / jailbreak bypass, core Mobile application exploitation Skillset.
- Experience working in a DevOps environment with knowledge of Continuous Integration, Containers, DAST/SAST tools and building Evil Stories (Technical)
Certifications Desirable
- General Information Security: CISSP, OSCP, CEH, CISM/CISA or similar
- General Cloud Security: CCSK /CCSP or similar
- Specific Cloud Security: AWS/Azure/GCP/Oracle Solution/Security or similar
- Network Security: CCNA, CCNP, CCIE, Certified Kubernetes Security Specialist