125 Application Security jobs in Dubai

Bayut & dubizzle have the unique distinction of being iconic, homegrown brands with a strong presence across the seven emirates in the UAE. Connecting millions of users across the country, we are committed to delivering the best online search experience.

As part of Dubizzle Group, we are alongside some of the strongest classified brands in the market. With a collective strength of 6 brands, we have more than 123 million monthly users that trust in our dedication to providing them with the best platform for their needs.

As an Application Security Engineer, you will work closely with the Head of Group IT and with the other relevant stakeholders from the IT and development teams to ensure that security is a core component of our systems and practices. You will be responsible for helping define, implement, and audit the effectiveness of our security controls and providing actionable recommendations to mitigate risks across a broad range of applications and services.

In this role you will:

• Collaborate with internal teams to implement security controls, address vulnerabilities and improvesecurity practices in the relevant platforms & services.
• Conduct penetration testing on web applications, mobile applications, APIs, networks, and system and coordinate the pen-testing projects executed by external partners.
• Ensure identified vulnerabilities, threats and risks are captured and processed in line with our risk management policy and procedure.
• Take part in security incident resolution and contribute to the development, maintenance and assessment of the Incident Response Plan’s effectiveness.
• Monitor the internal alerting systems and drive the events to closure.
• Participate in regular internal and external audits (including periodic user access reviews) on critical systems and ensure audit findings are remediated in the agreed timeframe.
• Reduce the information security knowledge gap within the technical teams by contributing to the creation of educational materials and awareness campaigns.
• Implement and regularly review the internal security policies and controls across all business-critical services.

• Bachelor’s degree in computer science, Information Security, or a related field.
• Minimum of 2 years in application development role
• 3-5 years of experience in information security or a related role.
• Proven experience as a Security Analyst, Security Engineer, Penetration Tester or
• similar role.
• Experience with the current Security frameworks such as ISO 27001, NIST and Data Protection.
• Good understanding of how to secure corporate environments and business applications.
• Solid understanding of hosting platforms, public cloud services and enterprise networking.
• Technical understanding of backend engineering architectures.
• Familiarity with secure coding practices and vulnerability management frameworks (OWASP);
• Strong knowledge of secure identity and access management practices.
• Strong knowledge of security technologies, including firewalls, IDS/IPS, and open-source vulnerability scanning tools.
• Proficiency in programming languages commonly used in security, such as Python or C++;
• Familiarity with network protocols and encryption algorithms.
• Understanding of regulatory frameworks and compliance standards (e.g., PCI DSS,GDPR).
• Able to define and select solutions for the cybersecurity space and monitor their effectiveness.
• Good communication skills, both written and verbal, with the ability to drive alignment with technical and business stakeholders.
• Strong analytical and problem-solving skills.
• Continuous learning mindset to stay on top of emerging threats and technologies, with a willingness to apply processes unique to the challenges at Dubizzle Group;
• Disciplined and logical thinker with the ability to draw conclusions from large data sets.

• A fast paced, high performing team.
• Multicultural environment with over 50 different nationalities
• Competitive Tax-free Salary
• Comprehensive Health Insurance
• Annual Air Ticket Allowance
• Employee discounts at multiple vendors across the emirates
• Rewards & Recognitions
• Learning & Development
  

Bayut & dubizzle is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

#dubizzlegroup

Bayut & dubizzle have the unique distinction of being iconic, homegrown brands with a strong presence across the seven emirates in the UAE. Connecting millions of users across the country, we are committed to delivering the best online search experience.

As part of Dubizzle Group, we are alongside some of the strongest classified brands in the market. With a collective strength of 6 brands, we have more than 123 million monthly users that trust in our dedication to providing them with the best platform for their needs.

As an Application Security Engineer, you will work closely with the Head of Group IT and with the other relevant stakeholders from the IT and development teams to ensure that security is a core component of our systems and practices. You will be responsible for helping define, implement, and audit the effectiveness of our security controls and providing actionable recommendations to mitigate risks across a broad range of applications and services.

In this role you will:

• Collaborate with internal teams to implement security controls, address vulnerabilities and improvesecurity practices in the relevant platforms & services.
• Conduct penetration testing on web applications, mobile applications, APIs, networks, and system and coordinate the pen-testing projects executed by external partners.
• Ensure identified vulnerabilities, threats and risks are captured and processed in line with our risk management policy and procedure.
• Take part in security incident resolution and contribute to the development, maintenance and assessment of the Incident Response Plan’s effectiveness.
• Monitor the internal alerting systems and drive the events to closure.
• Participate in regular internal and external audits (including periodic user access reviews) on critical systems and ensure audit findings are remediated in the agreed timeframe.
• Reduce the information security knowledge gap within the technical teams by contributing to the creation of educational materials and awareness campaigns.
• Implement and regularly review the internal security policies and controls across all business-critical services.

• Bachelor’s degree in computer science, Information Security, or a related field.
• Minimum of 2 years in application development role
• 3-5 years of experience in information security or a related role.
• Proven experience as a Security Analyst, Security Engineer, Penetration Tester or
• similar role.
• Experience with the current Security frameworks such as ISO 27001, NIST and Data Protection.
• Good understanding of how to secure corporate environments and business applications.
• Solid understanding of hosting platforms, public cloud services and enterprise networking.
• Technical understanding of backend engineering architectures.
• Familiarity with secure coding practices and vulnerability management frameworks (OWASP);
• Strong knowledge of secure identity and access management practices.
• Strong knowledge of security technologies, including firewalls, IDS/IPS, and open-source vulnerability scanning tools.
• Proficiency in programming languages commonly used in security, such as Python or C++;
• Familiarity with network protocols and encryption algorithms.
• Understanding of regulatory frameworks and compliance standards (e.g., PCI DSS,GDPR).
• Able to define and select solutions for the cybersecurity space and monitor their effectiveness.
• Good communication skills, both written and verbal, with the ability to drive alignment with technical and business stakeholders.
• Strong analytical and problem-solving skills.
• Continuous learning mindset to stay on top of emerging threats and technologies, with a willingness to apply processes unique to the challenges at Dubizzle Group;
• Disciplined and logical thinker with the ability to draw conclusions from large data sets.

• A fast paced, high performing team.
• Multicultural environment with over 50 different nationalities
• Competitive Tax-free Salary
• Comprehensive Health Insurance
• Annual Air Ticket Allowance
• Employee discounts at multiple vendors across the emirates
• Rewards & Recognitions
• Learning & Development
  

Bayut & dubizzle is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

#dubizzlegroup

Bayut & dubizzle are iconic, homegrown brands with a strong presence across the seven emirates in the UAE. Connecting millions of users, we aim to deliver the best online search experience.

As part of Dubizzle Group, we are among the market's strongest classified brands, with over 123 million monthly users trusting our platform.

As an Application Security Engineer, you will:

• Collaborate with internal teams to implement security controls, address vulnerabilities, and improve security practices across platforms & services.
• Conduct penetration testing on web applications, mobile applications, APIs, networks, and systems, coordinating with external partners as needed.
• Identify, document, and process vulnerabilities, threats, and risks according to our risk management policies.
• Participate in security incident resolution and help develop, maintain, and evaluate the Incident Response Plan.
• Monitor internal alerting systems and ensure timely resolution of security events.
• Participate in audits, including user access reviews, and ensure remediation of findings within agreed timelines.
• Enhance security awareness within technical teams through educational materials and campaigns.
• Review and update internal security policies and controls regularly.

Minimum qualifications:

• Bachelor’s degree in Computer Science, Information Security, or related field.
• 2+ years in application development.
• 3-5 years of experience in information security or similar roles.
• Proven experience as a Security Analyst, Engineer, Penetration Tester, or similar.
• Experience with security frameworks like ISO 27001, NIST, and Data Protection.
• Understanding of securing corporate environments and applications.
• Knowledge of hosting platforms, cloud services, and enterprise networking.
• Technical understanding of backend architectures.
• Familiarity with secure coding practices and vulnerability management frameworks (OWASP).
• Strong knowledge of identity and access management practices.
• Experience with security technologies such as firewalls, IDS/IPS, vulnerability scanning tools.
• Proficiency in programming languages like Python or C++.
• Understanding of network protocols and encryption algorithms.
• Knowledge of compliance standards like PCI DSS, GDPR.
• Excellent communication skills and analytical problem-solving abilities.
• Willingness to stay updated with emerging threats and technologies.

Benefits:

• Fast-paced, high-performing team environment.
• Multicultural workplace with over 50 nationalities.
• Competitive tax-free salary and comprehensive health insurance.
• Annual air ticket allowance and employee discounts.
• Recognition programs and learning opportunities.

Bayut & dubizzle are equal opportunity employers, committed to diversity and inclusion.

#dubizzlegroup

Join to apply for the Application Security Engineer role at Dicetek LLC

Join to apply for the Application Security Engineer role at Dicetek LLC

Get AI-powered advice on this job and more exclusive features.

• 5 or more years of experience in Application Security & Infrastructure Security VAPT.
• Bachelor’s degree or above in Computer Science, Information Security, or a related field.
• Relevant certifications such as OSCP, CEH, CISSP, CISA, CRTP, GWAPT, GMOB, or GIAC are preferred.
• Strong knowledge of Web , Mobile & AI Application Security (OWASP Top 10), Secure Code Review, API Security, Cloud Security (AWS, Azure, GCP), and Infrastructure Security.
• Experience with security tools such as Burp Suite, SonarQube, Fortify, Metasploit, Nessus, Qualys, Nmap, Acunetix, ZAP, and Kali Linux.
• Understanding of data protection regulations (UAE- IA, ISO 27001, NIST, PCI-DSS, etc.).
  

• 5 or more years of experience in Application Security & Infrastructure Security VAPT.
• Bachelor’s degree or above in Computer Science, Information Security, or a related field.
• Relevant certifications such as OSCP, CEH, CISSP, CISA, CRTP, GWAPT, GMOB, or GIAC are preferred.
• Strong knowledge of Web , Mobile & AI Application Security (OWASP Top 10), Secure Code Review, API Security, Cloud Security (AWS, Azure, GCP), and Infrastructure Security.
• Experience with security tools such as Burp Suite, SonarQube, Fortify, Metasploit, Nessus, Qualys, Nmap, Acunetix, ZAP, and Kali Linux.
• Understanding of data protection regulations (UAE- IA, ISO 27001, NIST, PCI-DSS, etc.).
  

• Conduct in-depth security assessments and penetration testing for applications and infrastructure to identify security weaknesses.
• Assess application security risks, including web applications, APIs, cloud environments, and mobile applications.
• Perform infrastructure security testing across servers, networks, databases, and cloud services.
• Collaborate with development, IT, and security teams to remediate identified vulnerabilities.
• Develop and maintain security testing methodologies, reports, and best practices.
• Ensure compliance with security policies, frameworks, and regulatory requirements.
• Provide security recommendations and enhancements to improve overall security posture.

• Seniority levelNot Applicable

• Employment typeContract

• Job functionInformation Technology
• IndustriesIT Services and IT Consulting

Referrals increase your chances of interviewing at Dicetek LLC by 2x

Global Village, Dubai, United Arab Emirates 6 months ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Binance is the world’s largest blockchain ecosystem and crypto exchange by volume. Trusted by over 250 million users globally, we’re building a secure, accessible financial system powered by blockchain.

Join Binance’s elite security team to help safeguard our DeFi and Web3 platforms. As an Application Security Engineer, you'll be on the frontlines of defending digital assets—analyzing vulnerabilities, securing code, and integrating blockchain-native defenses across the SDLC.

• Fortify the security of Binance's DeFi and Web3 projects
• Respond to security issues flagged via penetration tests, bug bounties, or external assessments
• Perform in-depth analysis of vulnerabilities and design secure, code-level solutions
• Collaborate on secure system architecture and infrastructure improvements
• Integrate third-party and AI-based blockchain security tools into the CI/CD pipeline
• Drive automation of security testing across development lifecycles

• 2+ years in mobile app development (iOS, Kotlin, Java) or related tech stacks
• Solid experience with two or more languages: Java, Swift, Kotlin, Go, Python, Rust
• Experience building secure client-server apps and working with mobile security protocols
• Familiarity with common mobile and blockchain security weaknesses and best practices
• Passion for crypto, DeFi, and smart contract security
• Strong independent problem-solving ability and collaboration mindset

• Experience with bug bounty programs
• Knowledge of DeFi vulnerabilities, wallet security, smart contract auditing
• Development in Solidity or Rust
• Active GitHub or open-source contributions
• Shape the future of digital finance and DeFi security
• Collaborate with top-tier engineers in a global, flat-structured team
• Gain autonomy and ownership over high-impact projects
• Enjoy competitive salary, benefits, and remote-first flexibility
• Continuous learning and growth opportunities in a dynamic Web3 environment

Join Binance and secure the future of finance. Apply now.

The Lead Application Security professional will be responsible for the security of all software applications within the organization. This role requires deep expertise in secure software development, vulnerability management, and application security testing. The individual will work closely with development, DevOps, and IT teams to integrate security throughout the software development lifecycle (SDLC) and protect against security threats, data breaches, and other vulnerabilities.

Job Responsibilities:

Application Security Strategy & Leadership

- Develop, implement, and maintain the organization's application security strategy.

- Lead the integration of security best practices into the software development lifecycle (SDLC) for both in-house and third-party applications.

- Work closely with development and IT teams to ensure application security is prioritized throughout the entire development and deployment process.

Secure Software Development & Code Reviews

- Collaborate with software development teams to implement secure coding practices and frameworks (e.g., OWASP Top 10).

- Perform regular code reviews and static/dynamic analysis of applications to identify potential security vulnerabilities and weaknesses.

- Provide guidance on secure design, coding, and testing techniques to ensure applications are built securely from the ground up.

Application Vulnerability Management

- Conduct vulnerability assessments and penetration tests of web and mobile applications, APIs, and microservices to identify security risks.

- Manage the remediation of identified vulnerabilities, working with development teams to address security gaps and validate fixes.

- Establish a process for continuous application vulnerability monitoring, using tools like SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing).

Security Testing & Penetration Testing

- Lead the implementation of security testing methodologies, including threat modeling, fuzz testing, and automated vulnerability scanning.

- Oversee third-party security testing vendors and internal teams conducting penetration tests, ensuring results are acted upon effectively.

- Continuously assess applications for new security threats and ensure they are appropriately hardened.

Application Security Tools & Technologies

- Select and manage application security tools and technologies such as Web Application Firewalls (WAFs), Runtime Application Self-Protection (RASP), and vulnerability scanning tools.

- Ensure proper integration of security tools into the continuous integration/continuous deployment (CI/CD) pipeline for DevOps and Agile environments.

- Ensure security tools are up to date and effective at protecting against modern application threats.

- Act as the primary liaison between security, development, and operations teams, ensuring strong collaboration and communication regarding application security.

- Lead and mentor a team of application security engineers, providing training and development in secure coding practices, vulnerability management, and threat modeling.

- Collaborate with DevOps teams to ensure secure CI/CD practices, promoting the principles of DevSecOps.

- Lead the response to application security incidents, ensuring that vulnerabilities are identified, analyzed, and remediated promptly.

- Coordinate with other security and IT teams during security incidents to contain and mitigate threats to applications.

- Develop post-incident review processes to continuously improve application security posture.

Application Security Training & Awareness

- Develop and deliver application security training for development teams, covering secure coding standards, common vulnerabilities (e.g., OWASP Top 10), and secure software design.

- Promote a security-first culture within the development and IT teams, encouraging proactive identification and resolution of security risks.

- Create and maintain security playbooks and guidelines for developers and DevOps teams.

Qualifications / Experience / Competencies:

Qualifications & Certifications:

• Bachelor of Engineering (Electronics) or Equivalent
• Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Secure Software Lifecycle Professional (CSSLP), Certified Ethical Hacker (CEH), GIAC Web Application Penetration Tester (GWAPT), or equivalent are desirable.

Skills:

- In-depth knowledge of application security principles, including authentication, authorization, encryption, and secure communications.

- Hands-on experience with security testing tools such as Burp Suite, OWASP ZAP, SAST/DAST, and penetration testing tools.

- Familiarity with DevSecOps practices, integrating security into CI/CD pipelines.

- Strong problem-solving and analytical skills with the ability to think critically about security threats and solutions.

- Excellent communication skills with the ability to explain technical issues to non-technical stakeholders.

- Leadership: Strong leadership abilities with the capability to guide development and security teams toward secure application development practices.

- Risk Management: Ability to assess risks and implement mitigations for application security vulnerabilities.

- Collaboration: Strong interpersonal skills to work with cross-functional teams, including development, IT, and business stakeholders.

- Technical Expertise: Advanced knowledge of secure coding, vulnerability management, and application security testing tools and techniques.

- Communication: Ability to articulate security concepts to technical and non-technical stakeholders.

Disclaimer: Naukrigulf.com is only a platform to bring jobseekers & employers together. Applicants are advised to research the bonafides of the prospective employer independently. We do NOT endorse any requests for money payments and strictly advice against sharing personal or bank related information. We also recommend you visit Security Advice for more information. If you suspect any fraud or malpractice, email us at

• Dubai , Others - United Arab Emirates (UAE)

Job Title - Specialist - Application Security:

• Maintain the periodic penetration testing schedule, covering blackbox, greybox and whitebox engagements.
• Perform the testing of all web/mobile/thick-client applications developed/run by the organization and ensure the timely resolution of identified vulnerabilities.
• Collaborate with the development team for the security testing of all incremental changes as part of the development sprints.
• Ensure all engagements cover OWASP Top 10 as a minimum baseline and all findings are documented with an associated OWASP Top 10 category and CVSS score.
• Actively drive the integration and usage of SAST/SCA tooling within the DevOps process.
• Assist in reviewing the reports generated by the SAST/DAST/SCA tooling, prioritizing the critical issues, and coordinating with the development team for respective fixes.
• Conduct architecture and integration review of all applications developed in-house or used by the organization.
• Identify security gaps in application touchpoints/workflows and suggest remediation measures.
• Develop scripts/macros to automate standardized testing use cases.
• Prepare security baseline documents for new and existing applications.
• Prepare secure coding practices documents specific to the environments and frameworks being used in the organization.
• Collaborate with the application teams in providing preliminary reviews for upcoming features to ensure secure implementation approach is adopted.
• Drive the evolution of the application security program to adequately cover all stages of development.
• Assist in developing or enhancing the runtime protection of the applications.
• Assist team in reviewing and implementing enhancements to the application security program’s tooling and processes for increased agility.
• Assist team in the preparation of the documentation/proposals around security solutions/offerings.
• Assist in managing security solutions designed to protect applications such as WAF.

• Working knowledge of manual testing of web applications, iOS/Android mobile apps, APIs & thick-client applications.
• Good understanding and knowledge of common web frameworks and Web APIs.
• Excellent understanding of authentication and authorization techniques.
• Excellent understanding of security issues impacting web, mobile and API; ability of identifying them within a target and building PoCs.
• Comfortable with scripting and reviewing code blocks as part of application testing.
• Knowledge of cloud native application architecture.
• Strong documentation and communication skills.

• Application Security
• Strong conceptual understanding of web frameworks, cloud native applications, and thick clients
• Hands-on experience with web application, mobile app, API & thick client pentesting.

Associate

Full-time

Information Technology, Analyst, and Engineering

Computer and Network Security and IT System Custom Software Development

Job Title - Specialist - Application Security:

• Maintain the periodic penetration testing schedule, covering blackbox, greybox and whitebox engagements.
• Perform the testing of all web/mobile/thick-client applications developed/run by the organization and ensure the timely resolution of identified vulnerabilities.
• Collaborate with the development team for the security testing of all incremental changes as part of the development sprints.
• Ensure all engagements cover OWASP Top 10 as a minimum baseline and all findings are documented with an associated OWASP Top 10 category and CVSS score.
• Actively drive the integration and usage of SAST/SCA tooling within the DevOps process.
• Assist in reviewing the reports generated by the SAST/DAST/SCA tooling, prioritizing the critical issues, and coordinating with the development team for respective fixes.
• Conduct architecture and integration review of all applications developed in-house or used by the organization.
• Identify security gaps in application touchpoints/workflows and suggest remediation measures.
• Develop scripts/macros to automate standardized testing use cases.
• Prepare security baseline documents for new and existing applications.
• Prepare secure coding practices documents specific to the environments and frameworks being used in the organization.
• Collaborate with the application teams in providing preliminary reviews for upcoming features to ensure secure implementation approach is adopted.
• Drive the evolution of the application security program to adequately cover all stages of development.
• Assist in developing or enhancing the runtime protection of the applications.
• Assist team in reviewing and implementing enhancements to the application security program's tooling and processes for increased agility.
• Assist team in the preparation of the documentation/proposals around security solutions/offerings.
• Assist in managing security solutions designed to protect applications such as WAF.

• Working knowledge of manual testing of web applications, iOS/Android mobile apps, APIs & thick-client applications.
• Good understanding and knowledge of common web frameworks and Web APIs.
• Excellent understanding of authentication and authorization techniques.
• Excellent understanding of security issues impacting web, mobile and API; ability of identifying them within a target and building PoCs.
• Comfortable with scripting and reviewing code blocks as part of application testing.
• Knowledge of cloud native application architecture.
• Strong documentation and communication skills.

• Application Security
• Strong conceptual understanding of web frameworks, cloud native applications, and thick clients
• Hands-on experience with web application, mobile app, API & thick client pentesting.

Associate

Full-time

Information Technology, Analyst, and Engineering

Computer and Network Security and IT System Custom Software Development

Security experts at Netsentries Application Security Engineers will conduct code-aware security assessments and threat modeling to identify vulnerabilities in enterprise web/mobile applications on different platforms.

Key Responsibilities:
- Perform mobile/web application security testing
- Ensure highest level of security compliance and best practices

• Proficiency in mobile application testing and source code review
• Excellent communication abilities, technical acumen, and a desire to learn

Required Qualifications:
- Bachelor's degree in Computer Science, Information Security or related field

• In-depth understanding of OWASP ASVS, OWASP MASVS, OWASP Top 10, SANS 25, PCI-DSS, HIPAA, MITRE-CWE

Other Requirements:

• Candidates should be technically sound and eager to learn new technologies
• Immediate availability is preferred