{bc}
linkedin

Senior AppSec Consultant (Secure SDLC Delivery)

Akkodis
Dubai, UAE
Fulltime
Entry
3 months ago
management consultingstrategybusiness advisoryprocess improvementstakeholder managementproblem solving
Free

Job Fit Check

Base Career helps you apply smarter for this job.

?%
Ready to Scan

Key skills for this role

management consultingstrategybusiness advisory
Smart Apply

Full Job Posting

Overview

We are hiring a hands-on Application Security expert who owns security delivery within fixed-price SDLC projects.

You will be accountable for what gets shipped, not just what gets documented.

This role is not governance, policy, or audit.

Activities

  • Perform security assessment of Android and/or iOS applications
  • Conduct APK/IPA reverse engineering and static analysis
  • Identify hardcoded secrets, insecure storage, and exposed components
  • Test runtime protections (SSL pinning, root/jailbreak detection)
  • Perform dynamic analysis using tools such as Frida, Objection, Burp
  • Validate compliance against OWASP MASVS
  • Assess secure implementation of OAuth, tokens, and local storage
  • Ensure proper certificate pinning and API protection in mobile apps
  • Work with developers to remediate platform-specific vulnerabilities

Own Security In Real Delivery

  • Take end-to-end accountability for application security in fixed-price projects
  • Ensure security is implemented, tested, and delivered, not just definedWork directly with developers to fix issues in code and pipelines

Hands-On Engineering

  • Perform manual and automated code reviews
  • Implement and tune: SAST / DAST / SCA, API and container security scanning
  • Build and enforce CI/CD security gates

Threat Modeling & Validation

  • Conduct practical threat modelling
  • Validate vulnerabilities through hands-on testing (e.g., Burp, ZAP)
  • Focus on real exploitability, not theoretical risks

Delivery Under Constraints

  • Operate in fixed-price environments with real constraints
  • Prioritize effectively to balance security, timeline, and budget
  • Take ownership of outcomes and resolve issues proactively
  • Required experience
  • Bachelor’s degree in Cybersecurity or related field
  • Certifications such as CISSP and/or CSSLP
  • Hands-On / Offensive or AppSec Certification (OSCP, GWAPT, eWPT/eWPTX)
  • Mobile app security (iOS / Android)
  • Experience coaching or upskilling development teams on secure coding
  • 7+ years in Cyber Security with strong Application Security focus
  • Proven experience in Secure SDLC within delivery projects
  • Experience in fixed-price or commitment-based environments
  • You’ve personally fixed vulnerabilities in code or pipelines
  • You can demonstrate exploitation paths, not just list findings
  • You are comfortable making security vs delivery trade-offs
  • What success looks like
  • You’ve personally fixed vulnerabilities in code or pipelines
  • You can demonstrate exploitation paths, not just list findings
  • You are comfortable making security vs delivery trade-offs
  • Developers see you as a technical peer, not an auditor
  • Security is embedded in SDLC and CI/CD pipelines
  • Vulnerabilities are fixed early, not escalated late
  • Projects are delivered securely on time, and within budget
  • You are recognized as accountable for security delivery
  • Developers see you as a technical peer, not an auditor
  • Nice to have
  • Cloud security (AWS / Azure / GCP)
  • Kubernetes / container security
  • Experience in regulated industries
  • Please note, only qualified candidates would be contacted

Apply for this job in 1 click

Skip the repetitive application forms

Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.

Sarah M.James T.Maya R.

Trusted by over 500,000 job seekers on Base Career

Start Free Today

More from this employer

More jobs at Akkodis