Application Security Engineer

A Little Bit About Us!

At Snoonu, we believe that technology has the power to make anything possible.

Our Vision: To be the first Qatari Super App that propels the region and its community through innovation and technology. We envision a global expansion where what we do surpasses norms and limitations every time.

Our Mission: To radically transform how people live by leveraging technology to connect them with endless possibilities.

Values We LiveBy:

• Be Customer Obsessed: “Focus on the customer and all else will follow."
• Act with Integrity: “We are honest, ethical, and trustworthy in everything we do."
• Be Curious and Creative: “We constantly innovate and create solutions to bring a lasting positive impact."
• Lead by Example and Take Ownership: “Be the change you want to see and take ownership."
• Work Smart and Deliver Results: “You can do more by doing less, better, and faster."
• It's All About People: “Be a team player; together we are stronger."

Job Overview

We are seeking an Application Security Engineer to help protect our company’s applications from security risks. You will work with developers, DevOps, and security teams to make sure security is included in the SDLC. Your role will be to find, assess, and fix security issues in our applications and promote a strong security culture.

Responsibilities

• Create and manage security strategies to protect applications from cyber threats.
• Check applications for security weaknesses by using tools and testing methods.
• Work with developers to add security to the SDLC and CI/CD pipelines.
• Implement and manage security tools like SAST, DAST, and SCA to find and fix vulnerabilities.
• Review third-party software and APIs to ensure they meet security standards.
• Provide security awareness training to developers, focusing on secure coding.

Qualifications:

Basic:

• 5+ years of experience in cybersecurity, with at least 2 years in application security.
• Good knowledge of secure coding and how to prevent common vulnerabilities (OWASP Top 10).Experience securing cloud applications (AWS, GCP).
• Hands-on experience with security tools (SAST, DAST, SCA, Snyk, Sonarqube, Nessus, etc.).
• Ability to promote security awareness and educate teams on best practices.
• Experience with GitHub security features (code scanning, secret scanning).
• Strong analytical and problem-solving skills.
• Good teamwork and communication skills in a fast-paced environment.

Good to Have:

• Experience in pen testing.
• Certifications such as OSCP, CISSP, GSEC, CASE.Knowledge of DevSecOps and security automation in CI/CD.
• Experience handling security incidents related to applications.