This page was automatically translated and may contain errors. View in English.
DOHA BANK

IT Application Security Specialist

DOHA BANK

Doha, Doha Municipality, Qatar · Tempo pieno

Sii il primo a candidarti

Esperienza
8–12 anni
Stipendio
Aperture
1
Pubblicato
12 ore fa
Modalità di lavoro
In ufficio
Istruzione
Bachelor's degree in Computer Science or related field
Riprendere
È necessario candidarsi

Dove lavorerai

Descrizione del lavoro

About the Role

The IT Application Security Specialist will spearhead the development, implementation, and management of application security across enterprise-wide systems. The role ensures applications are safeguarded by design and comply with internal policies plus regulatory mandates.

Key Responsibilities

  • Develop and uphold the enterprise-wide application security framework.
  • Incorporate secure-by-design principles into all applications.
  • Track security effectiveness through key performance indicators, such as vulnerability mitigation and resolution times.
  • Enhance the maturity of application security continually.
  • Design secure system architectures for applications, APIs, and microservices, leading threat modeling exercises using methodologies like STRIDE.
  • Enforce security design patterns including authentication, encryption, and data protection techniques and actively participate in architecture governance.
  • Integrate security processes and tools into CI/CD workflows, including managing SAST, DAST, and SCA solutions.
  • Define and apply secure coding standards guided by OWASP Top 10 vulnerabilities while automating security checks in development pipelines.
  • Design and maintain secure cloud architectures on platforms such as AWS and Azure, applying Identity and Access Management and Zero Trust concepts.
  • Secure container environments such as Kubernetes and OpenShift; implement monitoring, logging, and threat detection measures in cloud environments.
  • Coordinate comprehensive security testing, including vulnerability assessments, penetration tests, and ensure effective remediation of discovered vulnerabilities.
  • Collaborate closely with Security Operations Centers to bolster monitoring and incident response, supporting SIEM use cases and security trend analysis.
  • Ensure compliance with standards and regulations like PCI DSS, SWIFT CSP, and ISO 27001; support audits and develop security policies and procedures.
  • Serve as a trusted advisor by providing security guidance to development, DevOps, and architecture teams and conduct training on secure coding.

Qualifications and Experience

  • Bachelor's degree in Computer Science, Cybersecurity, Software Engineering, or related fields.
  • Minimum of 8 to 12 years of cybersecurity experience, with strong emphasis on application security, DevSecOps, and cloud security.
  • Experience in financial services or banking industries is preferred.

Required Skills and Competencies

  • In-depth knowledge of OWASP Top 10 vulnerabilities and secure coding methods.
  • Expertise in secure software development lifecycle and threat modeling techniques.
  • Strong understanding of API and web application security concepts.
  • Proficiency with security testing tools such as SAST, DAST, and Software Composition Analysis (SCA).
  • Experience with cloud platforms, particularly AWS and Azure, including container security with Kubernetes/OpenShift.
  • Familiarity with SIEM systems, vulnerability management, and continuous security monitoring.
  • Excellent analytical thinking, communication, and stakeholder engagement capabilities.
  • Capability to influence cross-departmental teams and detailed risk awareness.

Certifications

  • At least two of the following are required: CISSP, CCSP, CISM, or CRISC.
  • Preferred certifications include CEH, Microsoft Azure Security Engineer (AZ-500), AWS Security Specialty, or OSCP.

Additional Information

  • This position requires close interaction with development, infrastructure, and security teams.
  • The role combines strategic planning with active technical involvement.
  • Experience working in regulated environments is an advantage.

Lasciate questo messaggio se desiderate una risposta: non lo useremo per nessun altro scopo.

Clicca per navigare, trascina e rilascia, oppure impasto uno screenshot

PNG, JPG, GIF, MP4, WebM, MOV · Dimensione massima 20 MB ciascuno · Fino a 5 file

🤖
Assistenza online tramite intelligenza artificiale immediata