Application Security Expert

Responsibilities:

You will lead application security initiatives across the SDLC, ensuring that security is embedded from design to deployment. Your role will cover:

✅ Secure Software Development

• Integrate security into the SDLC
• Conduct code reviews and promote secure coding practices

✅ Security Testing & Audits

• Perform penetration tests
• Automate security testing (SAST, DAST, IAST) in CI/CD pipelines
• Conduct audits to ensure compliance (QCB, PCI DSS, ISO 27001)

✅ Vulnerability & Threat Management

• Identify, prioritize, and track vulnerabilities
• Conduct threat modeling and risk assessments

✅ Incident Response

• Lead investigations and remediation of application-related incidents
• Perform root cause analyses post-incident

✅ Tooling & Automation

• Manage security tools and integrate testing into CI/CD pipelines

What We’re Looking For:

10+ years in Application Security, ideally with 5+ years in the financial sector

Strong grasp of SDLC, DevSecOps, and secure coding

Familiarity with frameworks: OWASP, NIST, CWE, SANS

Experience with tools: SAST, DAST, SCA, penetration testing platforms

Preferred Certifications

• CISSP, CEH, OSCP, CCSP (any combination is a plus)