IT Application Security Specialist
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
Doha Bank is seeking an IT Application Security Specialist to design, implement, and govern application security across enterprise systems. The role focuses on integrating security into the SDLC, driving DevSecOps practices, and establishing secure architecture standards.
Key Skills for This Role
Responsibilities
- Develop and maintain the enterprise Application Security program
- Define and implement secure by design principles across all applications
- Design and review secure architectures for applications, APIs, and microservices
- Lead threat modeling activities (e.g., STRIDE methodology)
- Integrate security controls into CI/CD pipelines
- Implement and manage application security testing tools (SAST, DAST, SCA)
- Establish secure coding standards aligned with OWASP Top 10
- Design and implement secure cloud architectures across AWS and/or Azure environments
- Enforce Identity and Access Management (IAM) and Zero Trust principles
- Secure containerized environments (Kubernetes / OpenShift)
- Coordinate vulnerability assessments, penetration testing, and application security reviews
- Ensure adherence to security standards and regulatory requirements including PCI DSS, SWIFT CSP, ISO 27001
Requirements
- Bachelor’s degree in computer science, Cybersecurity, Software Engineering, or a related field
- Minimum 8–12 years of experience in cybersecurity, with strong focus on Application Security, DevSecOps, and Cloud Security
- Experience in banking or financial services sector preferred
- Strong knowledge of OWASP Top 10 and secure coding practices
- Experience with SAST, DAST, and SCA platforms
- Proficiency in cloud security (AWS / Azure)
- Knowledge of container security (Kubernetes / OpenShift)
- Familiarity with SIEM, vulnerability management, and security monitoring
- Minimum 2 of: CISSP, CCSP, CISM or CRISC
Full Job Posting
Job Purpose
- The Application Security Architect is responsible for designing, implementing, and governing application security across enterprise systems, ensuring that all applications are secure by design and compliant with organizational and regulatory requirements.
- The role focuses on integrating security into the Software Development Lifecycle (SDLC), driving DevSecOps practices, and establishing secure architecture standards across cloud, on premises, and hybrid environments.
Key Responsibilities
- Develop and maintain the enterprise Application Security program.
- Define and implement secure by design principles across all applications.
- Establish and monitor key security metrics (e.g., vulnerability reduction, remediation timelines).
- Continuously improve application security maturity.
- Design and review secure architectures for applications, APIs, and microservices.
- Lead threat modeling activities (e.g., STRIDE methodology).
- Define and enforce security design patterns, including authentication, encryption, and data protection.
- Participate in architecture governance and review forums.
- Integrate security controls into CI/CD pipelines.
- Implement and manage application security testing tools (SAST, DAST, SCA).
- Establish secure coding standards aligned with OWASP Top 10.
- Automate security validation and enforcement across development pipelines.
Qualifications & Experience
- Bachelor’s degree in computer science, Cybersecurity, Software Engineering, or a related field.
- Minimum 8–12 years of experience in cybersecurity, with strong focus on Application Security, DevSecOps, Cloud Security.
- Experience in the banking or financial services sector preferred.
Required Skills & Competencies
- Strong knowledge of OWASP Top 10 and secure coding practices.
- Secure SDLC and threat modeling techniques.
- API and web application security.
- Experience with application security tools: SAST, DAST, and SCA platforms.
- Proficiency in cloud security (AWS / Azure).
- Knowledge of container security (Kubernetes / OpenShift).
- Familiarity with SIEM, vulnerability management, and security monitoring.
- Strong analytical and problem solving skills.
- Effective communication and stakeholder management.
- Ability to influence cross functional teams.
- Strong attention to detail and risk awareness.
Professional Certifications
- Required (Minimum 2): CISSP, CCSP, CISM or CRISC.
- Preferred: CEH, Microsoft Azure Security Engineer (AZ 500) or AWS Security Specialty, OSCP.
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at DOHA BANK
IT Application Security Specialist
Doha, QAT
DOHA BANK is seeking an experienced IT Application Security Specialist to design, implement, and govern application security across enterprise systems. The role focuses on integrating security into the SDLC, driving DevS
Valuation Engineer
Doha, QAT
DOHA BANK is seeking a Valuation Engineer with expertise in quantity surveying, commercial management, and real estate valuation. The role involves managing tendering processes, overseeing external consultants, monitorin
Investment Officer
Doha, QAT
Doha Bank is seeking an Investment Officer to process FEQ/PT, Bond/PT, and QE transactions in compliance with bank and regulatory guidelines. The role involves operational activities, record keeping, reconciliation, and
Human Resources Business Partner (Dubai Branch)
Dubai, UAE
DOHA BANK is seeking an HR Business Partner (Emiratization) for their Dubai branch to serve as a strategic liaison driving HR initiatives. The role involves workforce planning, Emiratization, policy localization, employe
Senior Wealth Management Settlement Officer
Doha, QAT
Doha Bank seeks a Senior Wealth Management Settlement Officer to oversee settlement transactions for private banking and wealth management. The role involves authorizing trades, verifying settlement instructions, supervi
Team Lead Enterprise Cards & Payments
Doha, QAT
DOHA BANK is seeking an experienced IT Team Lead to oversee the development, implementation, and maintenance of enterprise-level cards and payments systems. The role requires a strong technical background in payment syst
Department Head – Digital Solutions & Technology
Doha, QAT
Doha Bank seeks a Department Head to lead Digital Solutions and Technology, driving digital transformation and customer-centric solutions. The role requires strategic leadership in enterprise architecture, digital techno
Compliance Officer & Deputy MLRO
Dubai, UAE
Doha Bank seeks an experienced Compliance Officer & Deputy MLRO for its UAE Branch in Dubai. You will ensure regulatory and AML compliance, support audits, and conduct training, requiring 10+ years of banking compliance
IT Application Security Specialist
Doha, QAT
Valuation Engineer
Doha, QAT
Investment Officer
Doha, QAT
Human Resources Business Partner (Dubai Branch)
Dubai, UAE
Senior Wealth Management Settlement Officer
Doha, QAT
Team Lead Enterprise Cards & Payments
Doha, QAT
Department Head – Digital Solutions & Technology
Doha, QAT
Compliance Officer & Deputy MLRO
Dubai, UAE