Application Security Leader

About the job:

Here at StatusNeo, we believe in not just meeting expectations but exceeding them. We are seeking an experienced product security lead with hands-on experience to perform the application threat modeling and conduct security assessments like SAST, DAST, IAST, SCA, and PT. We need a creative person to think outside the box to identify the security flaws, not only technical findings but also considering various logic flaws in the application.

Job Role - Application Security Lead

Job Location- Abu Dhabi

Experience- 8+ Years

Job Description:

• Proven experience in implementing proactive security solutions and integrating security into the software development lifecycle (SDLC)
• Familiarity with secure design review, threat modeling, and testing methodologies such as OWASP
• Hands-on tool experience with Metasploit Kali, Synck, Synopsys, HP Fortify, Burp suite, Nmap, ZAP, Netsparker, OWASP CSRF Tester, Checkmarx, SonarQube, SQLite browser, Drozer
• Knowledge of Azure security
• Knowledge of Nodejs/ golang/ graphql/ Azure
• Knowledge and experience of NVD and CVE/CWEs, CVE tracking, zero-day and other exploits, and the process of publishing and reporting vulnerabilities and their impact
• Knowledge and experience in the implementation of OWASP-Top10, SANS-Top25, other cyber advisories
• Knowledge of secure implementations on public Clouds like Azure and familiarity with containerization technologies (Kubernetes, Docker)
• Obtained relevant information security certifications, such as OSCP, CASE, CISSP, etc
• Excellent communication and collaboration skills to work effectively with cross-functional teams and stakeholders
• Familiarity with Agile processes and JIRA
• Ability to work with minimal day-to-day direction and must be personally motivated to learn new, emerging technologies continually
• Understands Software Development Life Cycle and SOAP, REST, and GraphQL APIs
• In-depth knowledge with Azure cloud architecture and virtualization technologies, such as Containers, EKS, Kubernetes, and Vmware

Additional Preferred Qualifications:

• Experience in the financial services industry
• Certifications: CREST CRT, CREST CPSA, Offensive Security Certified Professional (OSCP), GIAC Certified Web Application Defender (GWEB)
• Other Certifications: OSWP, BSCP, Certified Red Team Professional

About StatusNeo:

At StatusNeo, we take pride in being an agile software development and consulting firm with a specialization in D3 - Digital Full Stack, DevOps, Data Engineering, and AI. Imagine the thrill of not just porting software but building solutions that leverage the full potential of cloud native environments, all while being a key player in projects that impact the financial landscape. We are honored to have the senior digital leadership from the Big 3 in management consulting in New York on our board, guiding us toward greater achievements. Currently operational in the United States, Canada, India, UAE, and the Kingdom of Saudi Arabia, we are gearing up to establish a delivery center in Guadalajara, the Silicon Valley of Mexico, to better serve our clients in the US. In your new role at StatusNeo, get ready to embark on a journey as you become an integral part of our EMEA (Europe and Middle East Asia) practice, collaborating with the world's finest digital banks, telecom companies, e-commerce giants, and many more. This is not just a job, it's an opportunity to shape the future of banking and be at the forefront of innovation.