Qatar's largest employment website since 2004

Job Description

Application Security Engineer for our Qatar operations with the following skill sets and terms and conditions: A skilled Application Security Engineer to add a security focus into every aspect of the software development life cycle. The Application Security Engineer will work together with Development, Testing and Corporate Security Groups to deliver a security compliant, robust and reliable product. The ideal candidate will have a software security and development background and experience with Java ASP.Net, C# with ESAPI. The ideal candidate should have 4 yrs of Web Development experience in .Net Technologies and 4 yrs experience in Application Security. Technical Knowledge and skills • Experience with encryption, cryptographic standards, communication protocols, security standards and vulnerabilities. • Working knowledge of web and mobile application development and security vulnerabilities • Hands on experience with encryption, cryptographic standards, communication protocols and security standards. • Strong familiarity with multiple software security paradigms, with Certified Secure Software Lifecycle Professional CSSLP, or other information security certifications. • Detailed technical knowledge of techniques, standards and state-of-the art capabilities for authentication and authorization, applied cryptography, security vulnerabilities and remediation (such as OAuth2, OpenConnect, WS-Security, SAML) and expertise over OWASP ESAPI • A solid understanding of attack vectors, exploits, and hacking tools. • Experience with various security tools and products (Fortify, AppScan, Burp Suite). • Experience with Enterprise Cloud Software environments • Knowledge of web related technologies as per OWASP standard • BS in Computer Science or similar technical field. • 4+ years proven work experience as a Software Security Engineer. • 4+ years of Experience in Software Development Qualification/ Experience/Certification: A Bachelor of Science in Computer Science major in Information Systems More than 8 years IT experience concentrating on Software Development and Application Security Principal Accountabilities: • Hands on Experience in implementing OWASP, ISO/IEC 27034 Application Security Controls • Implement End to End Software Development Life Cycle of Internal and External developed Applications • Perform on-going security code and testing review to improve software security • Perform security risk analysis, threat modelling and attack surface reduction review with security code reviews • Review, analyze, and evaluate both internally developed software and vendor products and procedures to address security requirements. • Provide security guidelines for the organization to protect critical applications.