{bc}
linkedin

IT Application Security Specialist

DOHA BANK
Doha, QAT
Full Time
Senior
4 days ago
Application SecurityDevSecOpsCloud SecurityOWASP Top 10Secure SDLCThreat Modeling
Free

Job Fit Check

Base Career helps you apply smarter for this job.

?%
Ready to Scan

Key skills for this role

Application SecurityDevSecOpsCloud Security
Smart Apply

Full Job Posting

Job Purpose

  • The Application Security Specialist is responsible for designing, implementing, and governing application security across enterprise systems, ensuring that all applications are secure by design and compliant with organizational and regulatory requirements.
  • The role focuses on integrating security into the Software Development Lifecycle (SDLC), driving DevSecOps practices, and establishing secure architecture standards across cloud, on premises, and hybrid environments.

Key Responsibilities

  • Develop and maintain the enterprise Application Security program
  • Define and implement secure by design principles across all applications
  • Establish and monitor key security metrics (e.g., vulnerability reduction, remediation timelines)
  • Design and review secure architectures for applications, APIs, and microservices
  • Lead threat modeling activities (e.g., STRIDE methodology)
  • Define and enforce security design patterns, including authentication, encryption, and data protection
  • Integrate security controls into CI/CD pipelines
  • Implement and manage application security testing tools (SAST, DAST, SCA)
  • Establish secure coding standards aligned with OWASP Top 10
  • Design and implement secure cloud architectures across AWS and/or Azure environments
  • Coordinate vulnerability assessments, penetration testing, and application security reviews
  • Ensure adherence to security standards and regulatory requirements including PCI DSS, SWIFT CSP, ISO 27001

Qualifications & Experience

  • Bachelor’s degree in computer science, Cybersecurity, Software Engineering, or a related field
  • Minimum 8–12 years of experience in cybersecurity, with strong focus on Application Security, DevSecOps, and Cloud Security
  • Experience in the banking or financial services sector preferred

Required Skills & Competencies

  • Strong knowledge of OWASP Top 10 and secure coding practices
  • Secure SDLC and threat modeling techniques
  • API and web application security
  • Experience with SAST, DAST, and SCA platforms
  • Proficiency in cloud security (AWS / Azure)
  • Knowledge of container security (Kubernetes / OpenShift)
  • Familiarity with SIEM, vulnerability management, and security monitoring
  • Strong analytical and problem solving skills
  • Effective communication and stakeholder management

Professional Certifications

  • Required (Minimum 2): CISSP, CCSP, CISM or CRISC
  • Preferred: CEH, Microsoft Azure Security Engineer (AZ 500) or AWS Security Specialty, OSCP

Additional Information

  • This role requires close collaboration with development, infrastructure, and security teams
  • The position involves both strategic planning and hands on technical contributions
  • Experience in regulated environments is highly desirable

Apply for this job in 1 click

Skip the repetitive application forms

Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.

Sarah M.James T.Maya R.

Trusted by over 500,000 job seekers on Base Career

Start Free Today

More from this employer

More jobs at DOHA BANK