Application Security Specialist

Dubai Police General HQ

Dubai, UAE

Ref: QP430-01

Job description / Role

Employment: Full Time

The desired candidate will have strong expertise in Application Security Architecture practices, Secure Application Coding practices, security testing tools, and common development and QA processes, along with hands-on development experience. The main expertise required is in mobile application code review and application static/dynamic security testing, including the experience necessary to create detailed technical specifications for security in applications.

RESPONSIBILITIES

In this role you are one of the foremost experts in Application Source Code Security Review:
- Lead application source code security engagements (Mobile Applications & Web Applications).
- Be seen by the organization as the trusted advisor and security expert.
- Should have experience in manual source code review and in any two automated source code review tools, with the ability to work alone and as part of a team.
- Expected to drive and demonstrate application security core values, and be able to interface with various levels of development team members.
- Participate in internal assessments, open-source, Secure Software Assurance Assessments.
- Support Vulnerability and Penetration Testers during the assessments.
- Document technical requirements for information/data and advise development teams on options, risks, and costs vs. benefits.
- Be able to conduct vulnerability assessment and penetration testing using tools such as Kali Linux, Nessus, Nipper, Metasploit, Burp Suite, etc., and also engage with any external third-party vulnerability and penetration testers during their assessment.
- Contribute to the development of security tools and process reference models that will enable security professionals and application developers to efficiently incorporate security solutions/controls into new projects.
- Support the development of security standards and best practices that will facilitate a consistent security profile across the organization.

Requirements

Minimum Bachelor's Degree in a CS, E&C, or IT Engineering Program (Degree Certificate will be subject to validation, attestation and accreditation by the Ministry of Higher Education (MOHE) UAE.)

6 - 10+ years of combined experience, with both detailed technical knowledge and hands-on practice, in security architecture, application and network penetration testing, and secure software development

- Experience in an IT Risk organization or the equivalent in an enterprise
- In-depth knowledge of various technology products and infrastructure services. Experience with Java / Objective-C source code audit and Java development. In-depth understanding of mobile app development, including iOS, Android, and Web/Middleware (Apache, Tomcat, IIS, JMS/MQ, SOAP, jQuery, JSON, AJAX)
- Experience with REST, JSON-RPC, XML
- Exhibit sound working knowledge of manually reviewing source code for vulnerabilities (e.g. CSS, SQL injection, directory traversal)
- Android and iOS Penetration Testing experience
- Experience with static and dynamic source code analysis tools such as HP Fortify, IBM Rational AppScan, etc.
- Expert in Application Threat Modelling and Application Risk Assessment / Security Plan Development experience
- Have good experience in various security projects that range from System/Web/Mobile Application Penetration Tests to Reverse Engineering, Security Design and Architecture of critical Information Systems, and Information Security Management System (ISMS) implementation.
- Basic understanding of technology concepts, for example, firewall basics (layer 7 firewall versus network layer firewall), OSI stack, proxy technologies, Active Directory/LDAP basics, asymmetric / symmetric encryption, IT resiliency testing, VPNs, SSL, Secure SDLC, IDS/IPS (host and network based), defect management, change management assurance, and database technologies and concepts (e.g. DDL, DML, encryption options, compartmentalization (containers), etc.)

General Profile
- Minimum 6 - 10+ years in a dedicated code-review environment
- Excellent communication and influencing skills, with demonstrable ability to debate issues, stand firm on principles yet remain sensitive to business/technology drivers.
- Highly motivated, comfortable taking the initiative and able to work collaboratively.
- Strong written and oral communication skills, including guiding difficult conversations.
- Strong organizational skills and the ability to coordinate multiple parallel work streams.

MANDATORY CERTIFICATIONS - (At least one of the following certifications)
- OSCP - Offensive Security Certified Professional
- OSCE - Offensive Security Certified Expert
- GSSP-JAVA - (GIAC Secure Software Programmer-Java)

About the Company

Dubai Police General HQ

Dubai Police is proud to be a modern Arab police establishment with a force of more than fifteen thousand employees, who are characterized by their high-level multi-specialty degrees and training. We employ the best talented resources, who work on cutting-edge, innovative technologies at Dubai Police General HQ, Smart Services Department. We are also proud to be one of the best security institutions at all levels: locally, regionally, and globally.
