Description:
We have an urgent requirement for a Web Application Security Engineer for an initial 1-year contract to be based in Dubai, UAE.
As a Web Application Security Engineer, you will play a vital role in ensuring the security and integrity of our web applications, protecting our systems
Responsibilities:
- Conduct comprehensive security assessments and penetration tests on web applications to identify vulnerabilities, using a variety of testing methodologies.
- Utilize your expertise in OWASP Top 10 to identify and prioritize security risks and potential weaknesses within web applications.
- Work closely with development teams to provide guidance and support in implementing secure coding practices and resolving identified security vulnerabilities.
- Analyze and assess security controls and configurations within microservice-based architectures, ensuring that appropriate security measures are implemented at each layer.
- Design and implement solution architectures that encompass perimeter protection, core protection, and end-point protection/detection for web applications and APIs/microservices.
- Stay up to date with the latest trends and developments in web application security, and provide recommendations for improving the overall security posture of our applications.
- Collaborate with DevOps teams to integrate security practices into the software development life cycle, ensuring security is considered throughout the entire development process.
- Possess knowledge and experience with continuous integration and deployment (CI/CD) practices, containers, and container security.
- Familiarity with Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST) tools, and experience in utilizing these tools to identify vulnerabilities.
- Demonstrate the ability to create “Evil Stories” (threat modeling exercises) to identify potential security flaws and mitigate risks proactively.
Qualifications:
- Bachelor’s degree in Computer Science, Information Security, or a related field.
- Proven experience as a Web Application Security Engineer or similar role, with a strong focus on web application security.
- In-depth knowledge of the OWASP Top 10 vulnerabilities and best practices for mitigating them.
- Strong understanding of microservice-based architecture and the security challenges associated with it.
- Proficient in solutioning technology architectures that involve perimeter protection, core protection, and end-point protection/detection, especially in the context of web applications and APIs/micro services.
- Experience working in a DevOps environment, with a solid understanding of CI/CD practices and containerization.
- Familiarity with DAST/SAST tools and the ability to effectively use them for vulnerability assessments and security testing.
- Excellent problem-solving skills and the ability to think critically and analytically.