Application Security Specialist
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
malomatia is seeking an Application Security Specialist to strengthen application security across the full lifecycle. The role involves penetration testing, secure code reviews, threat modeling, and integrating security into CI/CD pipelines.
Key Skills for This Role
Responsibilities
- Conduct penetration testing across web, mobile, API, and thick client applications
- Perform automated security scanning (SAST, DAST, SCA) to identify vulnerabilities
- Carry out threat modelling during the design phase to identify risks and define mitigation strategies
- Perform secure code reviews and provide developer friendly remediation guidance
- Integrate security controls into CI/CD pipelines to enable DevSecOps practices
- Develop and deliver secure coding training and awareness sessions for development teams
- Evaluate and recommend application security tools and technologies
- Prepare and maintain documentation for security assessments, vulnerabilities, and application security standards
Requirements
- 3+ years of experience in application security, secure software development, or penetration testing
- Strong hands on experience with web, mobile, API, and application security testing
- Proficiency with Burp Suite
- Strong understanding of secure coding practices and at least one programming language
- Experience with DevSecOps and CI/CD pipeline integration
- Strong knowledge of OWASP Top 10, ASVS, MASVS, WSTG, and MSTG
- Understanding of vulnerability classes, exploitation techniques, and remediation approaches
- Strong analytical, reporting, and communication skills
- Bachelor's degree in Computer Science, Information Security, or related field
Full Job Posting
About the Role
- We are seeking a skilled Application Security Specialist to strengthen the security of applications across their full lifecycle.
- You will work closely with development, DevOps, and QA teams to ensure secure design, development, and deployment of web, mobile, API, and thick client applications.
- The role focuses on identifying vulnerabilities, performing security testing, enabling secure coding practices, and integrating security into CI/CD pipelines as part of a DevSecOps approach.
Key Responsibilities
- Conduct penetration testing across web, mobile, API, and thick client applications.
- Perform automated security scanning (SAST, DAST, SCA) to identify vulnerabilities in code, configurations, and dependencies.
- Carry out threat modelling during the design phase to identify risks and define mitigation strategies.
- Perform secure code reviews and provide developer friendly remediation guidance.
- Integrate security controls into CI/CD pipelines to enable DevSecOps practices.
- Develop and deliver secure coding training and awareness sessions for development teams.
- Evaluate and recommend application security tools and technologies.
- Prepare and maintain documentation for security assessments, vulnerabilities, and application security standards.
Required Skills & Experience
- 3+ years of experience in application security, secure software development, or penetration testing.
- Strong hands on experience with web, mobile, API, and application security testing.
- Proficiency with Burp Suite (required) and familiarity with tools such as Snyk, HCL AppScan, Fortify, and Postman.
- Strong understanding of secure coding practices and at least one programming language.
- Experience with DevSecOps and CI/CD pipeline integration.
- Strong knowledge of OWASP Top 10, ASVS, MASVS, WSTG, and MSTG.
- Understanding of vulnerability classes, exploitation techniques, and remediation approaches.
- Strong analytical, reporting, and communication skills.
Qualifications
- Bachelor's degree in Computer Science, Information Security, or related field.
Preferred Certifications
- OffSec (OSWA, OSWE)
- eLearnSecurity (eWPT, eWPTX)
- GIAC / SANS (SEC542, GWAPT)
- Other relevant application security certifications
Additional Advantage
- Knowledge of Qatar National Information Assurance (NIA) framework.
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at malomatia
SOC Thread Specialist
Doha, QAT
Malomatia seeks a SOC Threat Specialist to protect IT and OT environments by detecting, investigating, and hunting cyber threats. The role requires 10 years of information security experience, threat hunting, and malware
Red Team Expert
Doha, QAT
Malomatia in Doha seeks a Red Team Expert to join their Cyber Assurance Team, responsible for conducting ethical hacking, adversary simulations, and developing custom malware to strengthen security defenses. Requires adv
Consultant- Internal Auditing
Doha, QAT
Malomatia seeks an Internal Auditor for a client in Doha to evaluate financial and operational processes, ensure compliance, and strengthen internal controls. The role requires 6-22 years of experience in internal auditi
Information Technology Internal Auditor
Doha, QAT
Malomatia is seeking an experienced IT Internal Auditor for a client in Qatar to evaluate IT systems, financial and operational processes, and ensure compliance with internal policies and regulatory standards. The role f
Internal Auditor
Doha, QAT
malomatia is seeking Financial Internal Auditors for a client in Qatar to evaluate financial and operational processes, ensure compliance, and strengthen internal controls. Candidates need proven experience in internal a
Consultant - Cybersecurity
Doha, QAT
malomatia is seeking a Cybersecurity Consultant to perform risk assessments, support security architecture, and contribute to data security, disaster recovery, and GRC activities. The role requires 2-3 years of cybersecu
Presales Solution Consultant
Doha, QAT
Malomatia seeks a Presales Solution Consultant to shape and present tailored software solutions for government and enterprise clients. You will act as a technical advisor, designing scalable applications and leading tech
Presales Consultant - Business Applications
Doha, QAT
malomatia seeks a Presales Solution Consultant for its Application Development & Modernization unit. You will act as a trusted advisor, leading discovery, solution design, technical presentations, and proposals for custo
SOC Thread Specialist
Doha, QAT
Red Team Expert
Doha, QAT
Consultant- Internal Auditing
Doha, QAT
Information Technology Internal Auditor
Doha, QAT
Internal Auditor
Doha, QAT
Consultant - Cybersecurity
Doha, QAT
Presales Solution Consultant
Doha, QAT
Presales Consultant - Business Applications
Doha, QAT