Manager & Application Security

The role is responsible for leading the design, development, implementation, and management of application and software security strategies across the organization. This role oversees application security architecture, supports secure development practices, conducts security assessments, and collaborates with cross-functional teams to ensure applications are designed and deployed securely.

• Perform secure programming by identifying potential code flaws and mitigating vulnerabilities, ensuring cybersecurity is integrated throughout development, maintenance, and decommissioning.
• Conduct risk analysis and evaluate software and system changes to recommend modifications that enhance security and meet user needs within time and budget constraints.
• Apply cybersecurity functions such as encryption, access control, identity management, and public key infrastructure to reduce exploitation risks.
• Develop, test, and document secure code following security standards, including proper error handling and secure coding practices.
• Prepare detailed workflow diagrams and documentation that describe the logical operation and security controls of software systems.
• Translate security requirements into application design, including threat modeling, attack surface documentation, and defining specific security criteria.
• Collaborate with engineering teams and customers to design, develop, and maintain secure cybersecurity software systems.
• Modify and maintain existing software by correcting errors, adapting to new hardware, upgrading interfaces, and documenting software patches to prevent vulnerabilities.
• Devise creative exploits, solutions, and techniques to discover software vulnerabilities and improve overall security posture.
• Perform any other duties assigned to by line manager related to the nature of the work.
• Enforce, incorporate, and comply with all necessary controls and related information security policies, procedures, practices, training, reporting, personal due diligence and vigilance, within departmental/unit activities and operations.

Preferred Qualifications

• A tertiary level qualification from a recognized institution
• Industry-recognized certifications

Years & Nature of Experience

• Recommended to be 3 to 5 years of relevant experience
• Proficient in conducting comprehensive vulnerability scans and accurately identifying security weaknesses within systems.
• Experienced in designing and implementing effective countermeasures to mitigate identified security risks.
• Skilled in writing clean, efficient code using currently supported programming languages.
• Adept at designing thorough cybersecurity test plans to ensure system resilience.
• Experienced in integrating public key infrastructure (PKI), encryption, and digital signature capabilities into applications.
• Proficient in utilizing advanced code analysis tools to detect and resolve security issues.
• Skilled in performing root cause analysis to diagnose and address cybersecurity incidents.
• Knowledgeable in applying cybersecurity and privacy principles to meet organizational policies and compliance requirements.
• Experienced in software debugging to identify and correct errors effectively.
• Capable of developing and applying mathematical and statistical models for security analysis and problem solving.
• Information security frameworks
• Programming and Testing
• Threat Modelling and Risk Assessment
• Communication
• Problem Solving
• Analytical Thinking
• Complex Reasoning

D360 Bank is a shariah-compliant digital bank that aims to provide the best financial experience in the Kingdom. Our Vision: To reinvent finance through innovation & technology making it convenient, accessible & fair to all.

Embarking on a thrilling journey with the D360 Bank Technology team places you on the frontline of a revolutionary transformation in the financial and banking sector. Embrace the opportunity to immerse yourself in the world of DevOps philosophies, spearheading essential advancements in our applications and services. We wholeheartedly embrace the power of codification, employing cutting-edge Infrastructure and Configuration as code techniques, as well as automation, immutability, CI/CD, and scalability. All these endeavors are driven by our unwavering commitment to the ultimate satisfaction and security of our esteemed customers and users. Within our continuously compliant environment, you will play a vital role in shaping the future of banking technology, paving the way for unprecedented innovation and success.