388 Security Testing jobs in the United Arab Emirates

Are you passionate about securing critical applications and leading high-performing security teams to perform security testing activities for large scale projects? Join Netcracker Technology, a global leader in digital transformation, where your expertise in application security testing, will protect cutting-edge solutions used by top-tier service providers around the world. Netcracker delivers market-leading, next-gen BSS, OSS, cloud, 5G, IoT, SDN/NFV and mission-critical solutions to Telco' around the globe. As a wholly owned subsidiary of NEC Corporation, our comprehensive portfolio of software solutions and professional services enables large-scale digital transformations, unlocking the opportunities of the cloud, virtualization and the changing mobile ecosystem. This is your opportunity to lead security efforts across web, mobile, and API platforms while influencing the future of secure software development.

Position Summary

We are looking for a person with good knowledge of web and mobile applications security testing, proven experience of handling large-scale security testing projects, including static and dynamic assessment methods for web, mobile and API's. it will be required to demonstrate the knowledge of common attacks for mobile, web and API systems and relevant methods of their remediation, secure design patterns of business flows within web and mobile applications, cryptography specifications (TLS, X.509, hashing and encryption algorithms, handshake) and their common implementation flaws, basic understanding for authentication standards (Oauth 2.0, Open ID Connect, SAML).

Demonstrable knowledge about test management using Jira or similar tools, test case set-up, report generation, defect management lifecycle and risk scoring using industry standard methodologies like CVSS. The role will be responsible for driving security testing activity, ensuring the timely delivery of assessments and collaborating with cross-functional teams in an implementation project for our clients.

Principal Duties and Responsibilities:

• Lead and manage a team of application security testers to execute comprehensive security testing across web, API, and mobile
• Plan and prioritize testing activities to ensure timely delivery of security assessments and actionable remediation plans.
• Conduct and direct, hands-on application security testing, including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST) and / or Mobile Application Security Testing (MAST) and / or Software Composition Analysis (SCA).
• Produce clear and concise documentation like test strategy, test plan, testing report, issue summary along with prioritization based on risk and impact of the issue identified.
• Work closely with Development, QA, and DevOps teams to embed security throughout the Software Development Lifecycle (SDLC).
• Champion OWASP Top 10, CWE, and other global security standards across engineering practices.
• Effectively manage reporting to client and different stakeholders on testing progress, issues, risks and collaborate on remediation of risks for testing process.
• Monitor emerging threats and security trends, recommending improvements and countermeasures as needed.
• Provide ongoing mentorship and training to junior team members and promote a security-first mindset.
• Represent application security in cross-functional discussions and audits.

Background and Skills:

• 8–15 years of experience in Application Security Testing, with at least 2–3 years in a leadership or managerial role.
• Proven experience in manual security testing techniques beyond tool-based scanning.
• Strong hands-on expertise with SAST, DAST and SCA tools and frameworks.
• Experience testing a range of applications including Web, RESTful APIs, and Mobile apps.
• Deep understanding of OWASP Top 10, CWE, secure coding practices, and vulnerability mitigation techniques.
• Familiarity with DevSecOps principles and integrating security testing into CI/CD pipelines
• Strong communication, stakeholder management, and reporting skills.
• Relevant certifications such as OSCP, CEH, GWAPT, or equivalent are a plus.

Education:

Higher technical education - university degree in a relevant domain

Join to apply for the Application Security Testing Manager role at Netcracker Technology

Are you passionate about securing critical applications and leading high-performing security teams to perform security testing activities for large scale projects? Join Netcracker Technology , a global leader in digital transformation, where your expertise in application security testing, will protect cutting-edge solutions used by top-tier service providers around the world.

Netcracker delivers market-leading, next-gen BSS, OSS, cloud, 5G, IoT, SDN/NFV and mission-critical solutions to Telco' around the globe. As a wholly owned subsidiary of NEC Corporation, our comprehensive portfolio of software solutions and professional services enables large-scale digital transformations, unlocking the opportunities of the cloud, virtualization and the changing mobile ecosystem.

This is your opportunity to lead security efforts across web, mobile, and API platforms while influencing the future of secure software development.

We are looking for a person with good knowledge of web and mobile applications security testing, proven experience of handling large-scale security testing projects, including static and dynamic assessment methods for web, mobile and API's. It will be required to demonstrate the knowledge of common attacks for mobile, web and API systems and relevant methods of their remediation, secure design patterns of business flows within web and mobile applications, cryptography specifications (TLS, X.509, hashing and encryption algorithms, handshake) and their common implementation flaws, basic understanding for authentication standards (Oauth 2.0, Open ID Connect, SAML).

Demonstrable knowledge about test management using Jira or similar tools, test case set-up, report generation, defect management lifecycle and risk scoring using industry standard methodologies like CVSS. The role will be responsible for driving security testing activity, ensuring the timely delivery of assessments and collaborating with cross-functional teams in an implementation project for our clients.

• Lead and manage a team of application security testers to execute comprehensive security testing across web, API, and mobile
• Plan and prioritize testing activities to ensure timely delivery of security assessments and actionable remediation plans.
• Conduct and direct, hands-on application security testing, including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST) and / or Mobile Application Security Testing (MAST) and / or Software Composition Analysis (SCA).
• Produce clear and concise documentation like test strategy, test plan, testing report, issue summary along with prioritization based on risk and impact of the issue identified.
• Work closely with Development, QA, and DevOps teams to embed security throughout the Software Development Lifecycle (SDLC).
• Champion OWASP Top 10, CWE, and other global security standards across engineering practices.
• Effectively manage reporting to client and different stakeholders on testing progress, issues, risks and collaborate on remediation of risks for testing process.
• Monitor emerging threats and security trends, recommending improvements and countermeasures as needed.
• Provide ongoing mentorship and training to junior team members and promote a security-first mindset.
• Represent application security in cross-functional discussions and audits.

• 8–15 years of experience in Application Security Testing, with at least 2–3 years in a leadership or managerial role.
• Proven experience in manual security testing techniques beyond tool-based scanning.
• Strong hands-on expertise with SAST, DAST and SCA tools and frameworks.
• Experience testing a range of applications including Web, RESTful APIs, and Mobile apps.
• Deep understanding of OWASP Top 10, CWE, secure coding practices, and vulnerability mitigation techniques.
• Familiarity with DevSecOps principles and integrating security testing into CI/CD pipelines
• Strong communication, stakeholder management, and reporting skills.
• Relevant certifications such as OSCP, CEH, GWAPT, or equivalent are a plus.

Higher technical education - university degree in a relevant domain

Mid-Senior level

Full-time

Information Technology

Telecommunications

Are you passionate about securing critical applications and leading high-performing security teams to perform security testing activities for large scale projects Join Netcracker Technology a global leader in digital transformation where your expertise in application security testing will protect cutting-edge solutions used by top-tier service providers around the world. Netcracker delivers market-leading next-gen BSS OSS cloud 5G IoT SDN/NFV and mission-critical solutions to Telco around the globe. As a wholly owned subsidiary of NEC Corporation our comprehensive portfolio of software solutions and professional services enables large-scale digital transformations unlocking the opportunities of the cloud virtualization and the changing mobile ecosystem. This is your opportunity to lead security efforts across web mobile and API platforms while influencing the future of secure software development.

We are looking for a person with good knowledge of web and mobile applications security testing proven experience of handling large-scale security testing projects including static and dynamic assessment methods for web mobile and APIs. it will be required to demonstrate the knowledge of common attacks for mobile web and API systems and relevant methods of their remediation secure design patterns of business flows within web and mobile applications cryptography specifications (TLS X.509 hashing and encryption algorithms handshake) and their common implementation flaws basic understanding for authentication standards (Oauth 2.0 Open ID Connect SAML).

Demonstrable knowledge about test management using Jira or similar tools test case set-up report generation defect management lifecycle and risk scoring using industry standard methodologies like CVSS. The role will be responsible for driving security testing activity ensuring the timely delivery of assessments and collaborating with cross-functional teams in an implementation project for our clients.

• Lead and manage a team of application security testers to execute comprehensive security testing across web API and mobile
• Plan and prioritize testing activities to ensure timely delivery of security assessments and actionable remediation plans.
• Conduct and direct hands-on application security testing including Static Application Security Testing (SAST) Dynamic Application Security Testing (DAST) and / or Mobile Application Security Testing (MAST) and / or Software Composition Analysis (SCA).
• Produce clear and concise documentation like test strategy test plan testing report issue summary along with prioritization based on risk and impact of the issue identified.
• Work closely with Development QA and DevOps teams to embed security throughout the Software Development Lifecycle (SDLC).
• Champion OWASP Top 10 CWE and other global security standards across engineering practices.
• Effectively manage reporting to client and different stakeholders on testing progress issues risks and collaborate on remediation of risks for testing process.
• Monitor emerging threats and security trends recommending improvements and countermeasures as needed.
• Provide ongoing mentorship and training to junior team members and promote a security-first mindset.
• Represent application security in cross-functional discussions and audits.

• 815 years of experience in Application Security Testing with at least 23 years in a leadership or managerial role.
• Proven experience in manual security testing techniques beyond tool-based scanning.
• Strong hands-on expertise with SAST DAST and SCA tools and frameworks.
• Experience testing a range of applications including Web RESTful APIs and Mobile apps.
• Deep understanding of OWASP Top 10 CWE secure coding practices and vulnerability mitigation techniques.
• Familiarity with DevSecOps principles and integrating security testing into CI/CD pipelines
• Strong communication stakeholder management and reporting skills.
• Relevant certifications such as OSCP CEH GWAPT or equivalent are a plus.

Higher technical education - university degree in a relevant domain

Information Security Engineer - penetration testing, DevSecOps practices, cloud security (AWS & Azure), and security architecture. Urgent requirement for banking experience in Abu Dhabi, UAE.

• Perform penetration testing of web applications, mobile applications, and APIs.
• Perform secure code reviews to identify vulnerabilities in application code, scripts, and configurations.
• Configure, fine-tune, and review results from SAST, DAST, IaC, container, and dependency scanning tools.
• Drive DevSecOps initiatives, including security integration in CI / CD pipelines.
• Review and enhance Kubernetes security, container security, and infrastructure security.
• Contribute to security architecture design and reviews for applications, infrastructure, and cloud.
• Conduct threat modeling, risk assessments, and vulnerability management.
• Establish and deliver security training, awareness sessions, and best practices to teams.
• Collaborate with development, DevOps, and infrastructure teams to ensure secure design and delivery.
• Act as a security advisor to stakeholders, explaining risks and recommendations in simple, non-technical terms.
• Participate in incident response and post-incident reviews, ensuring lessons learned are applied.
• Stay updated on emerging threats, attack techniques, and new security technologies.

• 7-10 years of proven expertise in application, infrastructure, and cloud security.
• Hands-on experience in penetration testing (web, mobile, API).
• Strong experience in DevSecOps practices, cloud security (AWS & Azure), and security architecture.
• Experience configuring and reviewing security scanning (SAST, DAST, IaC, container, dependencies).
• Ability to drive security in a banking environment and communicate risks to stakeholders.

• Seniority level : Mid-Senior level
• Employment type : Contract
• Location : Abu Dhabi, United Arab Emirates

This description reflects the requirements and responsibilities as provided and does not include any external postings or unrelated content.

Job Title: Security Engineer

Location:
Dubai, United Arab Emirates (
On-site Only
)

Employment Type:
Full-time

Start Date:
Immediate

Work Mode:
100% in-office (no remote or hybrid / No Agency)

Salary:
Competitive (AED, based on experience)

Role Overview

We are looking for a
Security Engineer
to help design, implement, and maintain security controls across our systems and applications. The ideal candidate will have strong hands-on experience in
vulnerability management, incident response, and security architecture
, ensuring our infrastructure and data remain secure against evolving cyber threats.

Key Responsibilities

• Design and implement security measures to protect applications, systems, and infrastructure.
• Perform
  vulnerability assessments and penetration testing
  to identify and remediate risks.
• Monitor and respond to
  security incidents
  with timely analysis and resolution.
• Collaborate with development, operations, and business teams to integrate
  security by design
  .
• Support compliance with
  security standards and regulatory frameworks
  (e.g., ISO 27001, NIST, GDPR).
• Maintain and update security documentation, including policies, procedures, and reports.

Required Qualifications

• Bachelor's degree in computer science, Cybersecurity, or related field.
• 3–5 years of experience in a
  security engineering or related cybersecurity role
  .
• Strong knowledge of
  application security, system hardening, and cloud security (AWS/Azure/GCP)
  .
• Hands-on experience with
  security tools
  (SIEM, IDS/IPS, vulnerability scanners, endpoint protection).
• Familiarity with
  threat modeling
  and common frameworks (e.g., MITRE ATT&CK, STRIDE).
• Certifications such as
  CEH, OSCP, Security+, CISSP, or GIAC
  are a plus.

Preferred Skills

• Experience with scripting or automation (Python, Bash, or PowerShell).
• Knowledge of
  DevSecOps practices
  and CI/CD pipeline integration.
• Understanding of
  identity and access management (IAM)
  and authentication methods.
• Prior experience in
  incident response and forensic analysis
  .

Soft Skills

• Strong analytical and problem-solving abilities.
• Clear and effective communication skills with technical and non-technical stakeholders.
• Team-oriented with the ability to work independently when required.
• Adaptable and proactive in learning new technologies and threats.

Impact of the Role

• As a Security Engineer, you will be at the forefront of safeguarding our
  applications, systems, and data
  . Your work will directly contribute to maintaining trust, ensuring compliance, and protecting against cyber threats, making you a key driver of our organization's security posture.

At BlackStone eIT, we are seeking a highly motivated Security Engineer to join our talented team. As a Security Engineer, you will be responsible for protecting our systems and infrastructure from cyber threats. You will work closely with various departments to ensure our security practices meet industry standards and regulatory requirements.

Your primary responsibilities will include assessing security risks, designing effective security architectures, and implementing best practices to safeguard sensitive data. You will play a vital role in incident response and recovery efforts, as well as monitoring and reporting on security incidents.

• Leading IT teams to implement and maintain secure, efficient, and scalable systems.
• Designing and supervising data center and network infrastructures for hospitals, universities, and businesses.
• Managing cybersecurity solutions, ensuring compliance with industry standards.
• Overseeing IT service management and business continuity planning.
• Implementing ERP, HIS, and PACS systems in healthcare institutions.
• Collaborating with stakeholders to optimize IT operations and business processes.
• Conducting training and mentoring for IT teams and end-users

• Network Engineering (Cisco, Juniper, Palo Alto)
• • Cybersecurity (Firewalls, NAC, IAM)
• • System Administration (Windows, Linux, VMware)
• • Cloud & Virtualization (VMware, VCenter)
• • IT Service Management (ITSM, ISO 27000, ISO 2000)
• • Data Center Design & Supervision
• • VoIP & Unified Communications (Cisco Call Manager, Avaya)
• • SAP & ERP Support
  • Database & Application Management
• • Software Development & IT Project Management
• • Business Continuity & Disaster Recovery Planning

Requirements

• Bachelor's degree in Cybersecurity, IT, or related discipline
• Minimum of 3 years of experience in security engineering or similar roles
• Strong understanding of security frameworks and best practices
• Familiarity with security tools such as firewalls, intrusion detection systems, and SIEM
• Experience in conducting security assessments and vulnerability testing
• Knowledge of relevant compliance regulations and standards
• Ability to think critically and solve complex problems
• Excellent communication skills, both verbal and written
• Relevant certifications such as CISSP, CEH, or CISM are preferred
• Commitment to continuous learning and professional development

Benefits

• Paid Time Off
• Performance Bonus
• Training & Development

Security Engineer

Position Overview

We are looking for an experienced Security Engineer with 7-10 years of proven expertise in application, infrastructure, and cloud security. The ideal candidate will have hands-on experience in penetration testing, DevSecOps practices, cloud security (AWS & Azure), and security architecture. They will also play a key role in building a strong security culture, driving awareness, and collaborating with multiple teams to integrate security seamlessly across the organization.

Responsibilities

• Perform penetration testing of web applications, mobile applications, and APIs.
• Perform secure code reviews to identify vulnerabilities in application code, scripts, and configurations.
• Configure, fine-tune, and review results from SAST, DAST, IaC, container, and dependency scanning tools.
• Drive DevSecOps initiatives, including security integration in CI/CD pipelines.
• Review and enhance Kubernetes security, container security, and infrastructure security.
• Contribute to security architecture design and reviews for applications, infrastructure, and cloud.
• Conduct threat modeling, risk assessments, and vulnerability management.
• Establish and deliver security training, awareness sessions, and best practices to teams.
• Collaborate with development, DevOps, and infrastructure teams to ensure secure design and delivery.
• Act as a security advisor to stakeholders, explaining risks and recommendations in simple, non-technical terms.
• Participate in incident response and post-incident reviews, ensuring lessons learned are applied.
• Stay updated on emerging threats, attack techniques, and new security technologies.

Qualifications

• Bachelor's or Master's degree in Computer Science, Information Security, or related field.
• 7-10 years of experience in information security roles.
• Strong expertise in penetration testing (web, mobile, API) with hands-on experience.
• Hands-on experience with SAST, DAST, SCA, IaC scanning, and container security tools (e.g., SemGrep, Checkmarx, Veracode, BurpSuite, ZAP, Prisma, Trivy, etc.).
• Deep understanding of DevSecOps principles, CI/CD pipeline security, and security automation.
• Knowledge of cloud security best practices in AWS and Azure (e.g., IAM, networking, encryption, monitoring).
• Familiarity with Kubernetes, Docker, and container runtime security.
• Solid grasp of security architecture and secure design principles.
• Strong scripting skills (Python, Bash, or similar).
• Excellent communication and stakeholder management skills.

Good to Have

• Certifications such as OSCP, OSWE, CISSP, CCSP, CKS, CKA, AWS Security Specialty, or Azure Security Engineer Associate.
• Exposure to GRC frameworks (ISO 27001, SOC 2, NIST, CIS).
• Familiarity with privacy and compliance requirements (GDPR, PCI DSS, HIPAA, etc.).

Soft Skills

• Strong analytical and problem-solving mindset.
• Ability to explain technical risks to non-technical audiences.
• Collaborative approach, working effectively with development, DevOps, product, and leadership teams.
• Passion for continuous learning and building a culture of security.

Halian is hiring IT Security Operations Engineer in Dubai, UAE.

Greetings

Experience required: 5+ Years

Duration: Perm

Note: Must be available within UAE.

Qualification

* A Bachelor's degree in computer science, computer engineering or a relevant field.

* 5+ years of experience in a similar role.

* Strong written and verbal communication abilities in English.

* Hands-on experience with enterprise-level cloud, infrastructure, and security operations.

* Adept at problem-solving, with keen attention to detail.

* Ability to suggest competitive and innovative technical plans and ideas.

* Microsoft Azure certifications are an additional advantage.

* Always curius to learn new things and develop own skills, self learner.

Technical Skills:

* Experience in threat intelligence, vulnerability management, SIEM, penetration testing, and infrastructure hardening.

* Proficiency in Microsoft Security Suite including Microsoft Sentinel, Microsoft Defender XDR, and Microsoft Defender for Cloud.

* Hands-on knowledge of DevOps security, including secure CI/CD, container security, and code scanning tools.

* Strong understanding of hybrid cloud architectures, network security, identity protection, and endpoint management.

* Must have scripting experience in KQL to streamline operations and data processing.

* Experience with configuration compliance tools and benchmarks (e.g., CIS, Microsoft Security Baselines).

=> Interested people, share your resume to

We have an urgent requirement for Security Engineer for one of our clients in Dubai
Strong experience with identity security IAM, WAFs, EDR/XDR, SIEM, SOAR, VPNs, Firewalls, GRC platforms and other Security Tools.--
Must
Strong understanding of networking, web protocols, and cloud security--
Must
Familiarity with regulatory frameworks (e.g., GDPR, ISO 27001, UAE-IA and DESC-ISR)--
Must
Design and propose integrated security solutions leveraging ObserveID, Penta WAPPLES, TEHTRIS, GRC platforms and other Network & Security Platforms-
-Must
Technical Presales & Post Sales Support Experience --Must
Certifications such as CISSP, CEH, or equivalent -
preffered
Job Description Overview
Security Engineer with hands-on technical expertise to support the sales team for cybersecurity solutions, who will be responsible in designing, implementing, and maintaining security solutions across Identity Security Platform, Web Security, End point Security, Remote Access, Cloud Security and Governance, Risk, and Compliance (GRC) platforms. This role involves understanding client requirements, designing tailored solutions, delivering product demonstrations, ensuring successful proof-of-concept (POC) engagements and provide post-sales deployment and support to ensure robust protection of the client organization's digital assets.

Key Responsibilities

• Technical Pre-Sales Support

• Support technical discussions with prospective clients to understand their business and security needs.

• Design and propose integrated security solutions leveraging ObserveID, Penta WAPPLES, TEHTRIS, GRC platforms and other Network & Security Platforms that will be onboarded.
• Conduct and manage demos, workshops and POCs, ensuring technical success and alignment with client objectives and to showcase solution value.
• Collaborate with sales, product, and engineering teams to refine solutions and address client feedback

• Maintain deep technical knowledge of supported solutions and broader cybersecurity trends and support in delivering technical training to partners, resellers, and internal teams as needed.

• Solution Architecture & Design

• Work with Product team to architect end-to-end security solutions, ensuring integration and interoperability between ObserveID, Penta WAPPLES, TEHTRIS, GRC platforms and other Network & Security Platforms.

• Stay updated on product roadmaps for the above mentioned solutions and new features to provide the latest solutions to clients.

• Post Sales Support

• Implement, support and manage ObserveID's Identity security platform, ensuring secure integration with cloud and on-premises environments.

• Deploy, configure, and tune Penta WAPPLES WAF to protect web servers and applications from OWASP Top 10, zero-day, and advanced threats.
• Implement and manage TEHTRIS security solutions for endpoint, network, and threat intelligence.
• Support GRC initiatives by conducting risk assessments, automating risk scoring, and ensuring compliance with internal and external standards.
• Support the deployment and configuration of security tools & Platforms ensuring they align with compliance standards.

• Assist with implementation of compliance standards and perform security audits, documentation, and reporting for regulatory and client requirements.

• General Security Engineering

• Continuously work with Product teams to monitor systems for vulnerabilities and threats.

• Collaborate with Sales, Product teams to ensure secure system design and implementation.
• Stay updated on the latest security threats, technologies, and best practices.

Required Skills And Qualifications

• Bachelor's degree in computer science, Information Security, or related field.
• 3+ years of experience in security engineering or a similar role.
• Hands-on experience with identity security IAM, WAFs, EDR/XDR, SIEM, SOAR, VPNs, Firewalls, GRC platforms and other Security Tools.
• Strong understanding of networking, web protocols, and cloud security.
• Proficiency in incident response, vulnerability assessment, and risk management.
• Familiarity with regulatory frameworks (e.g., GDPR, ISO 27001, UAE-IA and DESC-ISR).
• Excellent analytical, problem-solving, and communication skills.
• Certifications such as CISSP, CEH, or equivalent are a plus.

Preferred Experience

• Direct experience with ObserveID, Penta WAPPLES, TEHTRIS, and GRC tools.
• Scripting or automation skills (e.g., Python, PowerShell).
• Experience with multi-cloud and hybrid environments.

Skills: sales,cloud,security