We are looking for a highly talented Staff Security Engineer to join our team in Riyadh. If you are looking for a place where you can gain hands-on experience and create a direct impact, then this may be the place for you! As Staff Security Engineer, you'll work on:
-
Application Security:
- Ensure implementation of defined secure coding standards.
- Perform manual code/architecture reviews.
- Implement and embed security modules/engines in CI/CD pipelines.
- Contribute with engineers to resolve identified security vulnerabilities.
-
Penetration Testing and Red Teaming:
- Perform white/black box VAPTs for Web, Mobile apps, and on-prem/cloud infrastructure.
- Perform advanced red teaming exercises.
- Submit detailed security assessment reports and follow up on mitigation action plans.
-
Cloud Security:
- Implement and maintain security tools as required.
- Improve cloud infrastructure security to handle external and internal threats.
- Improve security monitoring of cloud infrastructure.
-
Governance and Resilience:
- Follow all relevant policies, procedures, and processes for controlled and consistent work.
- Contribute to the identification of opportunities for continuous improvement in processes and productivity.
- Promote the implementation and adherence to policies, procedures, and processes within the organization.
-
Daily Operations:
- Follow daily operations to ensure work continuity.
- Contribute to preparing timely and accurate reports that meet the requirements and objectives.
- Ensure customer satisfaction by addressing needs in a courteous and timely manner.
Requirements
- 8+ years of relevant professional experience in security engineering.
- Bachelor's degree in a related field is required; a Master's degree is highly preferred.
- Certification in OSCP or CDP is mandatory. Certifications such as OSCE and CDE are considered a plus.
- Proven expertise in penetration testing for both web and mobile applications.
- Strong proficiency in application security and the ability to integrate security practices into the CI/CD pipeline.
- Comprehensive knowledge of cloud information security and the capability to generate and monitor security alerts effectively.
- Familiarity with security infrastructure/operations tools and practices, such as Web Application Firewalls (WAF).
- Experience with cloud penetration testing is an advantage.
What We Offer
- Relocation support globally to our permanent employees.
- Opportunity to exchange ideas and meet 2000+ colleagues from different teams within Delivery Hero in our active guilds and through our global tech and product community.
- Development of your skills with a personal educational budget for conferences and external training.
- Access to our e-learning platform LinkedIn and participation in various in-house training programs.
- And much more…
Location:
Riyadh, Saudi Arabia
Job Type:
Temporary
