Cybersecurity Engineer - Application Security
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
Cybersecurity Engineer – Application Security role is responsible to maintain information security management within the SJC IT applications (Business and Operations) and continue security controls to maintain adequate cyber security posture within the environment and support manage SJC IT Information Security Lead.
Key Skills for This Role
Full Job Posting
Job Description
Cybersecurity Engineer – Application Security role is responsible to maintain information security management within the SJC IT applications (Business and Operations) and continue security controls to maintain adequate cyber security posture within the environment and support manage SJC IT Information Security Lead.
Information Security Governance
- Working with application development and maintenance teams to ensure that the application security coverage from the requirement gathering level, SDLC, application implementation and after implementation.
- Coordinate with vendors and conduct vulnerability assessments and penetration testing for applications (web, on premises, mobile, public facing)
- Conduct security static and dynamic testing through the provided tools – before go live (new or changes)
- Coordinate with Cybersecurity Engineer – governance and risk management to maintain application security management policies/ procedures and risk management.
- Assist to develop, implement, and manage the overall application enterprise process for information security and associated architecture standards such as ISO 27001, NIA, cyber security law, privacy management law and Qatar 2022 cyber security requirement.
- Evaluate suspected security breaches and recommend corrective actions (including incidents involving outside vendors).
- Follow cyber security incident management and incident response plan
- Serve as the part of the security incident response planning and execution
- Assist Risk Management, Internal Audit and IT department in the development of appropriate criteria needed to assess the level of new/existing applications and / or technology infrastructure elements for compliance with enterprise security standards.
- Assist in the review of application and/or technology environments during the development or acquisition process to (a) assure compliance with corporate security policies and directions and (b) assist in the overall integration process regarding SJC IT’s own technology environment.
- Application layer continuity management during the crisis situations
- Evaluate information security KPIs based on the Information Security/privacy Objectives and reviewing those KPIs based on the security objective’s changes
- maintenance of Application layer to support the organization’s information security/privacy policies and procedures and ensure timely updating thereof in light of changing circumstances/ best practices/ regulatory directives.
- Work with IT Security lead to coordinate with MOI security shield and maintain the NCSOC onboarding and continuity of connectivity
- Work with IT Security lead to coordinate with MPTO team and maintain Qatar 2022 implementations based on the agreed roadmap
- Provide daily, weekly and monthly reports to Information Security Lead related environment application level changes, incidents, problems, service operation and critical area.
- Mandatory actions
- IT Security Team Meeting – Monthly Basis
- Risk register validation – monthly basis (until IT environment in stable state)
- Information Security KPI validation – Monthly, Quarterly (reporting), Bi-annual and annual
- Compliance management – NIA, Qatar 2022, NCSOC, Q-cert, ISO 27001:2013, Cyber Crime Law, Privacy Law and other applicable laws and regulations to SJC IT.
Qualifications
- Skills, Knowledge and Expected Behaviors against Values
Organization Values
- Deep understanding and management experience of Information Security standards, processes and risk management.
- Knowledge of Department Priorities, Products, and the strategy
- knowledge information security landscape
- Maintain ISO27001:2013 certificate and other compliance requirements
- Application security knowledge
- Static and dynamic testing
- OWAPS
- Web application security
- .Net and Oracle environments
- Information security KPI validation
- Benchmarking
- Risk Management
- Maintaining Information Security Management Policies and procedure
- Knowledge of government and regulatory requirements
- Experience with Security Operations Center (SOC)
- Experience in current Security tools and solutions
- Personal information privacy management
- Act as One
- Over deliver on our promises
- Share what matters
• Always Challenge Assumptions
- Be pioneering
• SJC IT Information Security Lead
- IT Department team and heads
• IT Security Team
- Internal Auditors
- Vendors
- External Auditors
- Regulatory
Required Qualifications
- University Degree in Information Technology with Msc. in Information Security/ Cyber security from a recognized university is a plus.
- Certifications in Information security such as CISM, CISA, CRISC, CISSP, CBCP, GIAC, ISO27001LA
- Offensive security certifications CEH and CHFI is a plus
Preferred Experience
- Minimum 3 years of experience of which a minimum of 2 years should be in a similar position / responsibility.
About Us
malomatia is a leading Qatar-based IT services and solutions provider, bringing together top Qatari and international talent to deliver innovative, end-to-end technology solutions that empower clients to achieve their strategic goals.
Our mission
Empowering Qatar’s businesses and governments to leap into the digital future with agile, knowledge-driven solutions.
Our vision
To become Qatar’s trusted knowledge partner in digital transformation, disrupting industries, shaping the future, and building a world-class tech ecosystem.
Driving change that makes a real impact
Since 2008, malomatia has been driving Qatar’s digital transformation through innovative, ISO-certified IT solutions.
With expertise across key public and private sectors, we empower the nation’s vision with advanced services in cloud, cybersecurity, AI, and contact center excellence, elevating the role of technology in shaping Qatar’s sustainable future.
About The Team
Established in 2008, malomatia is a Qatari leader in IT services and digital transformation.
We serve key sectors including Government, Healthcare, Education, Customs, and Transportation, delivering impactful solutions that support national development goals.
Powered by a diverse team of skilled Qatari and international IT professionals, we deliver innovative, high-value digital solutions tailored to the unique needs of our clients.
Our mission is to inspire customers to thrive through digital excellence, and we envision becoming the trusted partner of choice in building a smarter society through technology and talent.
We are driven by core values that define our culture and approach: ownership, integrity, empathy, teamwork, transparency, agility, excellence, trust, and innovation.
Join us in shaping the future of technology in Qatar
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at malomatia
SOC Thread Specialist
Doha, QAT
Malomatia seeks a SOC Threat Specialist to protect IT and OT environments by detecting, investigating, and hunting cyber threats. The role requires 10 years of information security experience, threat hunting, and malware
Red Team Expert
Doha, QAT
Malomatia in Doha seeks a Red Team Expert to join their Cyber Assurance Team, responsible for conducting ethical hacking, adversary simulations, and developing custom malware to strengthen security defenses. Requires adv
Consultant- Internal Auditing
Doha, QAT
Malomatia seeks an Internal Auditor for a client in Doha to evaluate financial and operational processes, ensure compliance, and strengthen internal controls. The role requires 6-22 years of experience in internal auditi
Information Technology Internal Auditor
Doha, QAT
Malomatia is seeking an experienced IT Internal Auditor for a client in Qatar to evaluate IT systems, financial and operational processes, and ensure compliance with internal policies and regulatory standards. The role f
Internal Auditor
Doha, QAT
malomatia is seeking Financial Internal Auditors for a client in Qatar to evaluate financial and operational processes, ensure compliance, and strengthen internal controls. Candidates need proven experience in internal a
Consultant - Cybersecurity
Doha, QAT
malomatia is seeking a Cybersecurity Consultant to perform risk assessments, support security architecture, and contribute to data security, disaster recovery, and GRC activities. The role requires 2-3 years of cybersecu
Presales Solution Consultant
Doha, QAT
Malomatia seeks a Presales Solution Consultant to shape and present tailored software solutions for government and enterprise clients. You will act as a technical advisor, designing scalable applications and leading tech
Presales Consultant - Business Applications
Doha, QAT
malomatia seeks a Presales Solution Consultant for its Application Development & Modernization unit. You will act as a trusted advisor, leading discovery, solution design, technical presentations, and proposals for custo
SOC Thread Specialist
Doha, QAT
Red Team Expert
Doha, QAT
Consultant- Internal Auditing
Doha, QAT
Information Technology Internal Auditor
Doha, QAT
Internal Auditor
Doha, QAT
Consultant - Cybersecurity
Doha, QAT
Presales Solution Consultant
Doha, QAT
Presales Consultant - Business Applications
Doha, QAT