Manager - Application Security

The Manager - Application Security is responsible for leading the design, development, implementation, and management of application and software security strategies across the organization. This role oversees application security architecture, supports secure development practices, conducts security assessments, and collaborates with cross-functional teams to ensure applications are designed and deployed securely.

Responsibilities:

• Perform secure programming by identifying potential code flaws and mitigating vulnerabilities, ensuring cybersecurity is integrated throughout development, maintenance, and decommissioning.
• Conduct risk analysis and evaluate software and system changes to recommend modifications that enhance security and meet user needs within time and budget constraints.
• Apply cybersecurity functions such as encryption, access control, identity management, and public key infrastructure to reduce exploitation risks.
• Develop, test, and document secure code following security standards, including proper error handling and secure coding practices.
• Prepare detailed workflow diagrams and documentation that describe the logical operation and security controls of software systems.
• Collaborate with engineering teams and customers to design, develop, and maintain secure cybersecurity software systems.
• Perform integrated quality assurance testing and trial runs to verify functionality, security levels, and resilience of software applications.
• Modify and maintain existing software by correcting errors, adapting to new hardware, upgrading interfaces, and documenting software patches to prevent vulnerabilities.
• Devise creative exploits, solutions, and techniques to discover software vulnerabilities and improve overall security posture.
• Enforce, incorporate, and comply with all necessary controls and related information security policies, procedures, practices, training, reporting, personal due diligence, and vigilance related to departmental unit activities.

Preferred Qualifications:

• A tertiary level qualification from a recognized institution.
• Industry-recognized certifications.

Years & Nature of Experience:

• Proficient in conducting comprehensive vulnerability scans and accurately identifying security weaknesses within systems.
• Experienced in designing and implementing effective countermeasures to mitigate identified security risks.
• Skilled in writing clean, efficient code using currently supported programming languages.
• Adept at designing thorough cybersecurity test plans to ensure system resilience.
• Experienced in integrating public key infrastructure (PKI), encryption, and digital signature capabilities into applications.
• Proficient in utilizing advanced code analysis tools to detect and resolve security issues.
• Experienced in software debugging to identify and correct errors effectively.

Technical Competencies:

• Information security frameworks
• Programming and Testing
• Threat Modelling and Risk Assessment

Behavioral Competencies:

• Communication
• Problem Solving
• Attention to Detail
• Analytical Thinking
• Complex Reasoning

About Us:
D360 Bank is a shariah-compliant digital bank that aims to provide the best financial experience in the Kingdom. Our vision is to reinvent finance through innovation and technology, making it convenient, accessible, and fair to all.

About The Team:
Joining the D360 Bank Risk Management team offers a remarkable opportunity to lead our risk policy framework and strategies. You will actively shape pioneering techniques and state-of-the-art technologies, focusing on innovation to enhance our risk management capabilities.