Application Security Analyst

Job description / Role

As an Application Security Analyst, the primary responsibilities of this role are to provide advice and assurance to ADSS that applications conform to the standards directed from senior management as per ADSS security policy. The position holder will provide advice and guidance to both the engineering and product teams and perform security architecture design reviews and provide detailed application threat modelling. The position holder will also be responsible for testing applications are free of OWASP top 10 vulnerabilities and also infrastructure testing will also be a clear advantage. Other critical areas will include application forensic incident response and application security architectural consultancy and design assurance so a balanced skill set is essential.

Job Purpose:

• Testing web application attacks, defense strategies including those found in the OWASP Top 10,
• Perform detailed threat modelling, applied research on new attacks techniques and methodologies,
• Web application architecture security, design and recommending remediation for vulnerabilities,
• Incident response and evaluate/develop security tools for internal use,
• Any other responsibilities that server the team and company.

Requirements

• At least 7 years of IT security experience is required, in which 3 to 5 years of experience must be in an application security design and testing position,
• Demonstrable experience within an international financial services firm (preferred).
• Penetration Testing/Red Team exercises, CBEST, advanced data exfiltration techniques,
• Web application security specialism and deep understanding,
• Assist with updating existing detection and prevention capabilities,
• Competency in Secure Architecture & Design principles for applications,
• Effective communication skills and the ability to work collaboratively,
• The browser security model, cryptography and network security,
• Application security best-practices to mitigate security vulnerabilities.
• Being able to understand, trigger, and explain common web and mobile vulnerabilities
• Contribution to open source community spaces (bug bounty’s, hacker cons etc.)

About the Company

Abu Dhabi-based ADS Securities provides sophisticated forex, bullion and commodities trading solutions to institutional and professional investors.

Current clients include global and regional hedge funds, central banks, asset managers, market-using banks, other non-bank financial institutions and qualified trading professionals.

ADS Securities is the fastest growing Middle East based trading platform which brings together excellence in technology, world class liquidity and international standards of service to provide traders with exceptional spreads and prices.

Located in a stable and resilient marketplace, with a high level of capitalisation, ADS Securities is developing a new and dynamic forex market. Leveraging its relationships with tier 1 primary brokers and liquidity provides and by bringing in regional liquidity, ADS Securities is extending the trading hours of the major markets – bridging liquidity flows from the far-east to Europe, maintaining spreads and prices for 24/7 investors.