Job Type: Full-time
Work Type: On-Site
Location: Doha, Qatar
Experience: 10 - 15 years

- Conduct dynamic and static application security testing (DAST/SAST) to identify vulnerabilities in web, API, and cloud applications.
- Perform manual code reviews, recommend secure coding practices, and apply fixes to enhance security.
- Execute risk assessments and apply threat modeling frameworks (STRIDE, DREAD) to identify and mitigate security risks.
- Integrate security tools into the CI/CD pipeline to automate security testing using DevSecOps practices.
- Analyze and reduce false positives/negatives from automated security tool results.
- Investigate and respond to application security incidents, collecting evidence and applying remediation.
- Stay updated with industry standards like OWASP Top 10, PCI DSS, NIA, and NIST.