Application Security Engineer

Snoonu is Qatar’s homegrown Super App, reinventing daily life with blazing-fast delivery, shopping, and more. They are seeking an Application Security Engineer to protect their applications from security risks by collaborating with developers, DevOps, and security teams to integrate security into the software development lifecycle.

Responsibilities:

• Create and manage security strategies to protect applications from cyber threats
• Check applications for security weaknesses by using tools and testing methods
• Work with developers to add security to the SDLC and CI/CD pipelines
• Implement and manage security tools like SAST, DAST, and SCA to find and fix vulnerabilities
• Implement and manage AI scanning solutions
• Review third-party software and APIs to ensure they meet security standards
• Provide security awareness training to developers, focusing on secure coding

Requirements:

• 5+ years of experience in cybersecurity, with at least 2 years in application security
• Good knowledge of secure coding and how to prevent common vulnerabilities (OWASP Top 10)
• Experience securing cloud applications (AWS, GCP)
• Hands-on experience with security tools (SAST, DAST, SCA, GHAS, Snyk, Sonarqube, Nessus, etc.)
• Perform and facilitate detailed threat modeling exercises across new and existing application features to identify design-level security flaws early in the SDLC
• Ability to promote security awareness and educate teams on best practices
• Experience with GitHub security features (code scanning, secret scanning)
• Strong analytical and problem-solving skills
• Good teamwork and communication skills in a fast-paced environment
• Experience in pentesting
• Certifications such as OSCP, CISSP, GSEC, CASE
• Knowledge of DevSecOps and security automation in CI/CD
• Familiarity with security frameworks and best practices for AI models, such as addressing risks like data poisoning and model evasion
• Experience handling security incidents related to applications