This page was automatically translated and may contain errors. View in English.
DOHA BANK

IT Application Security Specialist

DOHA BANK

Doha, Doha Municipality, Qatar ・ フルタイム

最初に応募しよう

経験
8~12歳
給料
求人情報
1
投稿済み
3時間前
作業モード
在任中
教育
Bachelor's degree in Computer Science or related field
再開する
応募必須

勤務地

仕事内容

About the Role

The IT Application Security Specialist will spearhead the development, implementation, and management of application security across enterprise-wide systems. The role ensures applications are safeguarded by design and comply with internal policies plus regulatory mandates.

Key Responsibilities

  • Develop and uphold the enterprise-wide application security framework.
  • Incorporate secure-by-design principles into all applications.
  • Track security effectiveness through key performance indicators, such as vulnerability mitigation and resolution times.
  • Enhance the maturity of application security continually.
  • Design secure system architectures for applications, APIs, and microservices, leading threat modeling exercises using methodologies like STRIDE.
  • Enforce security design patterns including authentication, encryption, and data protection techniques and actively participate in architecture governance.
  • Integrate security processes and tools into CI/CD workflows, including managing SAST, DAST, and SCA solutions.
  • Define and apply secure coding standards guided by OWASP Top 10 vulnerabilities while automating security checks in development pipelines.
  • Design and maintain secure cloud architectures on platforms such as AWS and Azure, applying Identity and Access Management and Zero Trust concepts.
  • Secure container environments such as Kubernetes and OpenShift; implement monitoring, logging, and threat detection measures in cloud environments.
  • Coordinate comprehensive security testing, including vulnerability assessments, penetration tests, and ensure effective remediation of discovered vulnerabilities.
  • Collaborate closely with Security Operations Centers to bolster monitoring and incident response, supporting SIEM use cases and security trend analysis.
  • Ensure compliance with standards and regulations like PCI DSS, SWIFT CSP, and ISO 27001; support audits and develop security policies and procedures.
  • Serve as a trusted advisor by providing security guidance to development, DevOps, and architecture teams and conduct training on secure coding.

Qualifications and Experience

  • Bachelor's degree in Computer Science, Cybersecurity, Software Engineering, or related fields.
  • Minimum of 8 to 12 years of cybersecurity experience, with strong emphasis on application security, DevSecOps, and cloud security.
  • Experience in financial services or banking industries is preferred.

Required Skills and Competencies

  • In-depth knowledge of OWASP Top 10 vulnerabilities and secure coding methods.
  • Expertise in secure software development lifecycle and threat modeling techniques.
  • Strong understanding of API and web application security concepts.
  • Proficiency with security testing tools such as SAST, DAST, and Software Composition Analysis (SCA).
  • Experience with cloud platforms, particularly AWS and Azure, including container security with Kubernetes/OpenShift.
  • Familiarity with SIEM systems, vulnerability management, and continuous security monitoring.
  • Excellent analytical thinking, communication, and stakeholder engagement capabilities.
  • Capability to influence cross-departmental teams and detailed risk awareness.

Certifications

  • At least two of the following are required: CISSP, CCSP, CISM, or CRISC.
  • Preferred certifications include CEH, Microsoft Azure Security Engineer (AZ-500), AWS Security Specialty, or OSCP.

Additional Information

  • This position requires close interaction with development, infrastructure, and security teams.
  • The role combines strategic planning with active technical involvement.
  • Experience working in regulated environments is an advantage.

返信をご希望の場合は、そのまま残してください。それ以外の目的には一切使用いたしません。

クリックして閲覧ドラッグ&ドロップ、または ペースト スクリーンショット

PNG、JPG、GIF、MP4、WebM、MOV形式 · 各ファイル最大20MB · 最大5ファイルまで

🤖
オンライン・即時AIサポート