malomatia

Application Security Specialist (Onsite as a Service)

malomatia

Doha, Doha Municipality, Qatar · Full Time

Be the first to apply

Experience
3+ yrs
Salary
Openings
1
Posted
2 weeks ago
Work mode
In office
Education
Bachelor’s degree in Computer Science, Information Security, or a related field
Eligibility
Professionals with a background in application security, secure software development, or penetration testing who can work onsite in Doha, Qatar are eligible to apply. Candidates with relevant certifications and experience in DevSecOps are preferred.
Resume
Required to apply

Where you'll work

Job description

Role overview

We are hiring an Application Security Specialist to strengthen our Cybersecurity Practice and help protect client applications throughout the full software lifecycle. Based onsite in Doha, Qatar, this position focuses on securing web, mobile, API, and thick-client applications through testing, review, automation, and developer support.

You will work with application security, development, QA, and DevOps teams to identify weaknesses, validate risks, and introduce security controls early in design and throughout delivery. The role calls for deep technical knowledge, practical problem-solving, and the ability to turn technical findings into clear fixes that development teams can act on.

Core responsibilities

  • Carry out penetration testing across web, mobile, API, and thick-client applications, then document the results with risk ratings and remediation guidance.
  • Configure, adjust, and operate automated security testing solutions such as SAST, DAST, and SCA to spot issues in code, configurations, and third-party components.
  • Build and apply threat models to uncover likely attack paths and security exposures during the early stages of application design.
  • Inspect source code for security flaws and provide recommendations that are practical for developers to implement.
  • Embed security checks and controls into CI/CD workflows so that validation becomes a continuous part of delivery.
  • Support development and stakeholder teams with secure coding sessions, workshops, and awareness activities.
  • Evaluate application security tools and recommend improvements to testing and monitoring capabilities.
  • Maintain accurate records, standards, policies, and documentation related to vulnerability handling and security assessments.

Requirements

  • A bachelor’s or college degree in Computer Science, Information Security, or a related discipline.
  • At least 3 years of experience in application security, secure software development, penetration testing, or a similar field.
  • Hands-on experience with Burp Suite, which is required for this role.
  • Familiarity with tools such as Snyk, HCL AppScan, Fority, and Postman is preferred.
  • Strong understanding of secure coding practices and practical experience with at least one programming language.
  • Working knowledge of DevSecOps concepts and CI/CD pipeline integration is an advantage.
  • Solid grasp of application security concepts, common vulnerability types, exploitation approaches, and remediation methods.
  • Familiarity with OWASP Top 10, ASVS, MASVS, WSTG, and MSTG is expected.
  • Professional certifications such as OSWA, OSWE, eWPT, eWPTX, GIAC/SANS certifications, BCSP, or similar credentials are highly desirable.
  • Knowledge of Qatar National Information Assurance (NIA) standards will be considered a plus.

Additional information

This is a full-time onsite opportunity in Doha, Qatar. The role is focused on application security support delivered as a service for clients. No salary details, start date, application deadline, or number of vacancies were provided.

Leave it if you'd like a reply — we won't use it for anything else.

Click to browse, drag & drop, or paste a screenshot

PNG, JPG, GIF, MP4, WebM, MOV · Max 20MB each · Up to 5 files

🤖
Online · instant AI help