Enable job alerts via email!
Information Security Engineer
Gibraltar Technologies LLC
Dubai
On-site
AED 60,000 - 100,000
Full time
Boost your interview chances
Create a job specific, tailored resume for higher success rate.
Job summary
An established industry player is seeking a skilled security assessor to lead web application and API security evaluations. This role involves conducting in-depth security assessments, identifying vulnerabilities, and providing remediation guidance to ensure compliance with financial industry standards. The ideal candidate will have extensive experience in both manual and automated penetration testing, utilizing a variety of tools to enhance security measures. Join a dynamic team in a forward-thinking environment where your expertise will play a crucial role in safeguarding IT operations and advising senior management on best practices in the UAE's evolving security landscape.
Qualifications
- 5+ years of experience in security assessments and penetration testing.
- Strong understanding of OWASP Top 10 vulnerabilities and remediation.
Responsibilities
- Conduct web application and API security assessments.
- Develop proof-of-concept exploits and document findings.
- Automate security testing workflows and enhance methodologies.
Skills
Education
Tools
Job description
Direct message the job poster from Gibraltar Technologies LLC.
Working based in Abudhabi to conduct in-depth security assessments of web applications, APIs, and related components. The ideal candidate will have good experience in manual and automated penetration testing, identifying and exploiting vulnerabilities, and providing detailed remediation guidance.
Function involves expanding the info-sec functions into a fully fledged unit to achieve financial industry standards. Closely work with IT to protect all IT related activities and advise senior management of any best practices and vulnerability threats that exist in the UAE environment and recommend corrective action plans.
Key Responsibilities / Duties
- Web Application Security Assessments
- API Security Testing
- Exploitation and Proof-of-Concept Development
- Reporting and Documentation
- Tooling and Automation
Job Specifications
Technical Competency
- Assess applications for OWASP Top 10 vulnerabilities, including SQL Injection, XSS, CSRF, SSRF, IDOR, and authentication bypasses.
- Source code reviews.
- API penetration testing for REST, GraphQL, and WebSocket APIs.
- Vulnerability Classification using Industry Standards i.e CVSS and OWASP Risk Rating.
- Utilize tools such as Burp Suite, ZAP, SQLmap, Postman, and custom scripts for security testing.
- Automate security testing workflows using Python, Bash, or PowerShell.
- Research and develop custom security tools to enhance penetration testing methodologies.
- Should possess good leadership skills to work with IT and senior management.
Academic Qualifications
Diploma / Degree in Computer Science.
Professional Experience
More than five (5) years working experience in the relevant field.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
