Enable job alerts via email!
Senior Information Security Engineer
ELEVUS ‑ PEOPLE & BUSINESS RESULTS, LDA
Doha
On-site
QAR 400,000 - 600,000
Full time
Job summary
A leading technology firm in Doha is seeking a Senior Information Security Engineer to conduct penetration testing, assess network security, and integrate security into the software development lifecycle. The ideal candidate has over 4 years of experience, strong skills in security tools, and excellent communication abilities.
Qualifications
- 4+ years of experience in Information Security focusing on application and network penetration testing.
- Hands-on experience with penetration testing tools.
- Strong knowledge of mobile application security and API testing methodologies.
Responsibilities
- Conduct penetration testing on web applications, APIs, and mobile applications.
- Perform network penetration testing and vulnerability assessments.
- Integrate security practices into the software development lifecycle.
Skills
Tools
Perform web application, API, and mobile application penetration testing using industry-leading methodologies (OWASP, PTES, etc.).
Conduct network penetration testing and infrastructure security assessments.
Execute Vulnerability Assessment and Penetration Testing (VAPT) engagements, document findings, and recommend remediations.
Integrate security into the Software Development Lifecycle (SDLC) and advise development teams on secure coding practices.
Develop, enhance, and maintain security testing frameworks and tools.
Review and validate security patches, mitigations, and fixes.
Stay updated on the latest attack techniques, exploits, and threat landscapes to enhance testing methodologies.
Collaborate with cross-functional teams to support security awareness and risk reduction efforts.
46 years of experience in Information Security, with a focus on application and network penetration testing.
Hands-on experience with tools like Burp Suite, OWASP ZAP, Metasploit, Nmap, Nessus, and other manual testing tools.
Deep understanding of OWASP Top 10, SANS Top 25, and common exploitation techniques.
Experience in secure SDLC practices and working with development teams to resolve findings.
Strong knowledge of mobile application security (iOS and Android) and API testing methodologies.
Excellent report writing and communication skills for both technical and non-technical stakeholders.
OSCP (Offensive Security Certified Professional)
OSWE (Offensive Security Web Expert)
eWPT / eWPTX (eLearnSecurity Web Application Penetration Tester)
PNPT (Practical Network Penetration Tester)
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
Follow us
