Track This Job
Add this job to your tracking list to:
- Monitor application status and updates
- Change status (Applied, Interview, Offer, etc.)
- Add personal notes and comments
- Set reminders for follow-ups
- Track your entire application journey
Save This Job
Add this job to your saved collection to:
- Access easily from your saved jobs dashboard
- Review job details later without searching again
- Compare with other saved opportunities
- Keep a collection of interesting positions
- Receive notifications about saved jobs before they expire
AI-Powered Job Summary
Get a concise overview of key job requirements, responsibilities, and qualifications in seconds.
Pro Tip: Use this feature to quickly decide if a job matches your skills before reading the full description.
A well established and fast growing IT company is seeking a Security Engineer – Tooling & DevSecOps to join its dynamic team in Dubai, UAE. This is a full time, on site role for someone passionate about building secure systems, automating security at scale, and embedding security into the heart of development and operations.
Role Summary
The Security Engineer – Tooling & DevSecOps will be responsible for building and maintaining the shared automation backbone that supports security operations and the product development lifecycle. You will focus on eliminating manual security overhead by creating reliable pipelines for security scanning, telemetry, and evidence management, while embedding security seamlessly into DevOps workflows.
Key Responsibilities
- Integrate security testing tools (SAST, DAST, SCA) into CI/CD pipelines (GitHub, GitLab, Jenkins).
- Implement security checks for Infrastructure as Code (IaC) and container images (Terraform, CloudFormation, Docker).
- Coordinate and automate large-scale security scans using tools such as ZAP, Nuclei, and Semgrep.
- Parse, normalize, and integrate scan results into vulnerability management platforms with effective de-duplication.
- Build and maintain log ingestion pipelines for endpoint, cloud, and identity platforms.
- Standardize reusable security assets such as scan templates, detection rules, and threat-hunting resources.
- Manage lab and sandbox environments using IaC (Terraform/Ansible) for security testing and exercises.
- Identify process inefficiencies and create clear documentation to drive adoption across engineering and security teams.
Qualifications & Requirements
- Strong experience with Python or Go for automation, pipelines, and API integrations.
- Hands-on experience with modern CI/CD platforms and Git-based workflows; GitOps exposure is a plus.
- Practical experience with security tooling such as ZAP, Semgrep, Nuclei, and common scan output formats (SARIF, JSON, SBOM).
- Experience with Docker, Kubernetes, and at least one major cloud platform (AWS or Azure).
- Background in log processing, schema mapping, and streaming technologies (Kafka, Kinesis, or similar).
- Familiarity with Terraform, CloudFormation, Ansible, or equivalent IaC/configuration tools.
- Ability to work closely with engineering and security teams to translate requirements into effective tooling.
If you are passionate about DevSecOps, automation, and building secure systems at scale, and want to work on challenging, high impact projects in a fast growing IT company, we encourage you to apply!
Key Skills
Ranked by relevanceReady to apply?
Join Tandem Search and take your career to the next level!
Application takes less than 5 minutes