Manager - Application Security | Riyadh, SA

Job Description

The role is responsible for leading the design, development, implementation, and management of application and software security strategies across the organization. This role oversees application security architecture, supports secure development practices, conducts security assessments, and collaborates with cross-functional teams to ensure applications are designed and deployed securely.

Responsibilities

• Perform secure programming by identifying potential code flaws and mitigating vulnerabilities, ensuring cybersecurity is integrated throughout development, maintenance, and decommissioning.
• Conduct risk analysis and evaluate software and system changes to recommend modifications that enhance security and meet user needs within time and budget constraints.
• Apply cybersecurity functions such as encryption, access control, identity management, and public key infrastructure to reduce exploitation risks.
• Develop, test, and document secure code following security standards, including proper error handling and secure coding practices.
• Prepare detailed workflow diagrams and documentation that describe the logical operation and security controls of software systems.
• Translate security requirements into application design, including threat modeling, attack surface documentation, and defining specific security criteria.
• Collaborate with engineering teams and customers to design, develop, and maintain secure cybersecurity software systems.
• Perform integrated quality assurance testing and trial runs to verify functionality, security levels, and resilience of software applications.
• Modify and maintain existing software by correcting errors, adapting to new hardware, upgrading interfaces, and documenting software patches to prevent vulnerabilities.
• Devise creative exploits, solutions, and techniques to discover software vulnerabilities and improve overall security posture.
• Perform any other duties assigned to by line manager related to the nature of the work
• Enforce, incorporate, and comply with all necessary controls and related information security policies, procedures, practices, training, reporting, personal due diligence and vigilance, within departmental/unit activities and operations.

Qualifications

Preferred Qualifications

• A tertiary level qualification from a recognized institution
• Industry-recognized certifications

Years & Nature of Experience

• Proficient in conducting comprehensive vulnerability scans and accurately identifying security weaknesses within systems.
• Experienced in designing and implementing effective countermeasures to mitigate identified security risks.
• Skilled in writing clean, efficient code using currently supported programming languages.
• Adept at designing thorough cybersecurity test plans to ensure system resilience.
• Experienced in integrating public key infrastructure (PKI), encryption, and digital signature capabilities into applications.
• Proficient in utilizing advanced code analysis tools to detect and resolve security issues.
• Skilled in performing root cause analysis to diagnose and address cybersecurity incidents.
• Knowledgeable in applying cybersecurity and privacy principles to meet organizational policies and compliance requirements.
• Experienced in software debugging to identify and correct errors effectively.
• Capable of developing and applying mathematical and statistical models for security analysis and problem solving.

Technical Competencies

• Information security frameworks
• Programming and Testing
• Threat Modelling and Risk Assessment

Behavioral Competencies

• Communication
• Problem Solving
• Attention to detail
• Analytical Thinking
• Complex Reasoning

About Us

D360 Bank is a shariah-compliant digital bank that aims to provide the best financial experience in the Kingdom. Our Vision: To reinvent finance through innovation & technology making it convenient, accessible & fair to all.

About the Team

Embarking on a journey with the D360 Bank Risk Management team grants you a remarkable opportunity to steer our triumphs and fortify our future. As a valued member, you will assume a pivotal role in owning and orchestrating our enterprise-wide risk policy framework and strategies. Your expertise will encompass identifying, evaluating, and mitigating risks entwined with D360's diverse activities. Joining our esteemed risk management team means actively shaping the forefront of pioneering risk management techniques and state-of-the-art technologies. We firmly believe in embracing innovation to elevate our risk management prowess and fuel enduring progress.

Find thousands of job opportunities by signing up to eFinancialCareers today.