173 Software Security jobs in the United Arab Emirates

Job Title: Cybersecurity Vulnerability Specialist

Our organization is seeking a highly skilled and experienced Cybersecurity Vulnerability Specialist to join our team. The ideal candidate will have a strong background in vulnerability assessments and penetration testing, with excellent analytical and troubleshooting skills.

Key Responsibilities:

• Conduct comprehensive vulnerability assessments and penetration tests for networks, applications, and cloud infrastructure.
• Identify and document vulnerabilities, providing actionable recommendations for remediation.
• Collaborate with the lead consultant to validate and prioritize findings.
• Prepare detailed technical reports and provide guidance on remediation strategies.
• Stay up-to-date with the latest threats, tools, and methodologies in the field.

Qualifications:

• Bachelor's degree in Cybersecurity or a related field.
• At least 3 years of hands-on experience in vulnerability assessments and penetration testing.
• Preferred certifications: OSCP, CEH, or eJPT.
• Proficiency in tools like Burp Suite, Metasploit, Nessus, and Nmap.
• Excellent analytical and problem-solving skills.

We are currently looking for a Vulnerability Assessment and Pentest (VAPT) Manager - Banking for our UAE operations with the following qualifications:

1. Education Level Required:
2. Bachelor's degree in computer science, Network / Cyber Security, or related information technology field.
3. Experience in quality assurance in Vulnerability Assessment and Pentest (VAPT).
4. Skills to verify scripts and test cases before execution for all types of VAPT such as application, internal, external, WiFi, etc.
5. Platform specific (e.g., SIEM / Networking / Operating System) certifications.
6. Security (e.g., SANS / ISC2 / CEH / CISSP / CISM / CISO) certifications.
7. Experience:
8. 7 - 10 years' experience in Information Security or related field.
9. Strong operations knowledge with banking background and hands-on experience in implementing and managing IS applications such as EDR, SIEM, DLP, with network-related experience and education in computer science, Network / Cyber Security, and related certifications.

Join to apply for the Application Security Engineer role at Dicetek LLC

Join to apply for the Application Security Engineer role at Dicetek LLC

Get AI-powered advice on this job and more exclusive features.

• 5 or more years of experience in Application Security & Infrastructure Security VAPT.
• Bachelor's degree or above in Computer Science, Information Security, or a related field.
• Relevant certifications such as OSCP, CEH, CISSP, CISA, CRTP, GWAPT, GMOB, or GIAC are preferred.
• Strong knowledge of Web , Mobile & AI Application Security (OWASP Top 10), Secure Code Review, API Security, Cloud Security (AWS, Azure, GCP), and Infrastructure Security.
• Experience with security tools such as Burp Suite, SonarQube, Fortify, Metasploit, Nessus, Qualys, Nmap, Acunetix, ZAP, and Kali Linux.
• Understanding of data protection regulations (UAE- IA, ISO 27001, NIST, PCI-DSS, etc.).
  

• 5 or more years of experience in Application Security & Infrastructure Security VAPT.
• Bachelor's degree or above in Computer Science, Information Security, or a related field.
• Relevant certifications such as OSCP, CEH, CISSP, CISA, CRTP, GWAPT, GMOB, or GIAC are preferred.
• Strong knowledge of Web , Mobile & AI Application Security (OWASP Top 10), Secure Code Review, API Security, Cloud Security (AWS, Azure, GCP), and Infrastructure Security.
• Experience with security tools such as Burp Suite, SonarQube, Fortify, Metasploit, Nessus, Qualys, Nmap, Acunetix, ZAP, and Kali Linux.
• Understanding of data protection regulations (UAE- IA, ISO 27001, NIST, PCI-DSS, etc.).
  

• Conduct in-depth security assessments and penetration testing for applications and infrastructure to identify security weaknesses.
• Assess application security risks, including web applications, APIs, cloud environments, and mobile applications.
• Perform infrastructure security testing across servers, networks, databases, and cloud services.
• Collaborate with development, IT, and security teams to remediate identified vulnerabilities.
• Develop and maintain security testing methodologies, reports, and best practices.
• Ensure compliance with security policies, frameworks, and regulatory requirements.
• Provide security recommendations and enhancements to improve overall security posture.

• Seniority level Not Applicable

• Employment type Contract

• Job function Information Technology
• Industries IT Services and IT Consulting

Referrals increase your chances of interviewing at Dicetek LLC by 2x

Global Village, Dubai, United Arab Emirates 6 months ago

We're unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Bayut & dubizzle are iconic, homegrown brands with a strong presence across the seven emirates in the UAE. Connecting millions of users, we aim to deliver the best online search experience.

As part of Dubizzle Group, we are among the market's strongest classified brands, with over 123 million monthly users trusting our platform.

As an Application Security Engineer, you will:

• Collaborate with internal teams to implement security controls, address vulnerabilities, and improve security practices across platforms & services.
• Conduct penetration testing on web applications, mobile applications, APIs, networks, and systems, coordinating with external partners as needed.
• Identify, document, and process vulnerabilities, threats, and risks according to our risk management policies.
• Participate in security incident resolution and help develop, maintain, and evaluate the Incident Response Plan.
• Monitor internal alerting systems and ensure timely resolution of security events.
• Participate in audits, including user access reviews, and ensure remediation of findings within agreed timelines.
• Enhance security awareness within technical teams through educational materials and campaigns.
• Review and update internal security policies and controls regularly.

Minimum qualifications:

• Bachelor's degree in Computer Science, Information Security, or related field.
• 2+ years in application development.
• 3-5 years of experience in information security or similar roles.
• Proven experience as a Security Analyst, Engineer, Penetration Tester, or similar.
• Experience with security frameworks like ISO 27001, NIST, and Data Protection.
• Understanding of securing corporate environments and applications.
• Knowledge of hosting platforms, cloud services, and enterprise networking.
• Technical understanding of backend architectures.
• Familiarity with secure coding practices and vulnerability management frameworks (OWASP).
• Strong knowledge of identity and access management practices.
• Experience with security technologies such as firewalls, IDS/IPS, vulnerability scanning tools.
• Proficiency in programming languages like Python or C++.
• Understanding of network protocols and encryption algorithms.
• Knowledge of compliance standards like PCI DSS, GDPR.
• Excellent communication skills and analytical problem-solving abilities.
• Willingness to stay updated with emerging threats and technologies.

Benefits:

• Fast-paced, high-performing team environment.
• Multicultural workplace with over 50 nationalities.
• Competitive tax-free salary and comprehensive health insurance.
• Annual air ticket allowance and employee discounts.
• Recognition programs and learning opportunities.

Bayut & dubizzle are equal opportunity employers, committed to diversity and inclusion.

#dubizzlegroup

Bayut & dubizzle have the unique distinction of being iconic, homegrown brands with a strong presence across the seven emirates in the UAE. Connecting millions of users across the country, we are committed to delivering the best online search experience.

As part of Dubizzle Group, we are alongside some of the strongest classified brands in the market. With a collective strength of 6 brands, we have more than 123 million monthly users that trust in our dedication to providing them with the best platform for their needs.

As an Application Security Engineer, you will work closely with the Head of Group IT and with the other relevant stakeholders from the IT and development teams to ensure that security is a core component of our systems and practices. You will be responsible for helping define, implement, and audit the effectiveness of our security controls and providing actionable recommendations to mitigate risks across a broad range of applications and services.

In this role you will :

• Collaborate with internal teams to implement security controls, address vulnerabilities and improvesecurity practices in the relevant platforms & services.
• Conduct penetration testing on web applications, mobile applications, APIs, networks, and system and coordinate the pen-testing projects executed by external partners.
• Ensure identified vulnerabilities, threats and risks are captured and processed in line with our risk management policy and procedure.
• Take part in security incident resolution and contribute to the development, maintenance and assessment of the Incident Response Plan's effectiveness.
• Monitor the internal alerting systems and drive the events to closure.
• Participate in regular internal and external audits (including periodic user access reviews) on critical systems and ensure audit findings are remediated in the agreed timeframe.
• Reduce the information security knowledge gap within the technical teams by contributing to the creation of educational materials and awareness campaigns.
• Implement and regularly review the internal security policies and controls across all business-critical services.

Requirements

• Bachelor's degree in computer science, Information Security, or a related field.
• Minimum of 2 years in application development role
• 3-5 years of experience in information security or a related role.
• Proven experience as a Security Analyst, Security Engineer, Penetration Tester or
• similar role.
• Experience with the current Security frameworks such as ISO 27001, NIST and Data Protection.
• Good understanding of how to secure corporate environments and business applications.
• Solid understanding of hosting platforms, public cloud services and enterprise networking.
• Technical understanding of backend engineering architectures.
• Familiarity with secure coding practices and vulnerability management frameworks (OWASP);
• Strong knowledge of secure identity and access management practices.
• Strong knowledge of security technologies, including firewalls, IDS / IPS, and open-source vulnerability scanning tools.
• Proficiency in programming languages commonly used in security, such as Python or C++;
• Familiarity with network protocols and encryption algorithms.
• Understanding of regulatory frameworks and compliance standards (, PCI DSS,GDPR).
• Able to define and select solutions for the cybersecurity space and monitor their effectiveness.
• Good communication skills, both written and verbal, with the ability to drive alignment with technical and business stakeholders.
• Strong analytical and problem-solving skills.
• Continuous learning mindset to stay on top of emerging threats and technologies, with a willingness to apply processes unique to the challenges at Dubizzle Group;
• Disciplined and logical thinker with the ability to draw conclusions from large data sets.
• A fast paced, high performing team.
• Multicultural environment with over 50 different nationalities
• Competitive Tax-free Salary
• Annual Air Ticket Allowance
• Employee discounts at multiple vendors across the emirates
• Rewards & Recognitions
• Learning & Development

Bayut & dubizzle is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

Bayut & dubizzle have the unique distinction of being iconic, homegrown brands with a strong presence across the seven emirates in the UAE. Connecting millions of users across the country, we are committed to delivering the best online search experience.

As part of Dubizzle Group, we are alongside some of the strongest classified brands in the market. With a collective strength of 6 brands, we have more than 123 million monthly users that trust in our dedication to providing them with the best platform for their needs.

As an Application Security Engineer, you will work closely with the Head of Group IT and with the other relevant stakeholders from the IT and development teams to ensure that security is a core component of our systems and practices. You will be responsible for helping define, implement, and audit the effectiveness of our security controls and providing actionable recommendations to mitigate risks across a broad range of applications and services.

In this role you will:

• Collaborate with internal teams to implement security controls, address vulnerabilities and improvesecurity practices in the relevant platforms & services.
• Conduct penetration testing on web applications, mobile applications, APIs, networks, and system and coordinate the pen-testing projects executed by external partners.
• Ensure identified vulnerabilities, threats and risks are captured and processed in line with our risk management policy and procedure.
• Take part in security incident resolution and contribute to the development, maintenance and assessment of the Incident Response Plan's effectiveness.
• Monitor the internal alerting systems and drive the events to closure.
• Participate in regular internal and external audits (including periodic user access reviews) on critical systems and ensure audit findings are remediated in the agreed timeframe.
• Reduce the information security knowledge gap within the technical teams by contributing to the creation of educational materials and awareness campaigns.
• Implement and regularly review the internal security policies and controls across all business-critical services.
• Bachelor's degree in computer science, Information Security, or a related field.
• Minimum of 2 years in application development role
• 3-5 years of experience in information security or a related role.
• Proven experience as a Security Analyst, Security Engineer, Penetration Tester or
• similar role.
• Experience with the current Security frameworks such as ISO 27001, NIST and Data Protection.
• Good understanding of how to secure corporate environments and business applications.
• Solid understanding of hosting platforms, public cloud services and enterprise networking.
• Technical understanding of backend engineering architectures.
• Familiarity with secure coding practices and vulnerability management frameworks (OWASP);
• Strong knowledge of secure identity and access management practices.
• Strong knowledge of security technologies, including firewalls, IDS/IPS, and open-source vulnerability scanning tools.
• Proficiency in programming languages commonly used in security, such as Python or C++;
• Familiarity with network protocols and encryption algorithms.
• Understanding of regulatory frameworks and compliance standards (e.g., PCI DSS,GDPR).
• Able to define and select solutions for the cybersecurity space and monitor their effectiveness.
• Good communication skills, both written and verbal, with the ability to drive alignment with technical and business stakeholders.
• Strong analytical and problem-solving skills.
• Continuous learning mindset to stay on top of emerging threats and technologies, with a willingness to apply processes unique to the challenges at Dubizzle Group;
• Disciplined and logical thinker with the ability to draw conclusions from large data sets.
• A fast paced, high performing team.
• Multicultural environment with over 50 different nationalities
• Competitive Tax-free Salary
• Comprehensive Health Insurance
• Annual Air Ticket Allowance
• Employee discounts at multiple vendors across the emirates
• Rewards & Recognitions
• Learning & Development
  

Bayut & dubizzle is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

#dubizzlegroup

#J-18808-Ljbffr

Agoda is an online travel booking platform for accommodations, flights, and more. We build and deploy cutting-edge technology that connects travelers with a global network of 4.7M hotels and holiday properties worldwide, plus flights, activities, and more. Based in Asia and part of Booking Holdings, our 7,100+ employees representing 95+ nationalities in 27 markets foster a work environment rich in diversity, creativity, and collaboration. We innovate through a culture of experimentation and ownership,enhancing the ability for our customers to experience the world.

Our Purpose - Bridging the World Through Travel

We believe travel allows people to enjoy, learn and experience more of the amazing world we live in. It brings individuals and cultures closer together, fostering empathy, understanding and happiness.We are a skillful, driven and diverse team from across the globe, united by a passion to make an impact. Harnessing our innovative technologies and strong partnerships, we aim to make travel easy and rewarding for everyone.

Get to Know our Team :

The Security Department oversees security, compliance, GRC, and security operations for all Agoda. We are vigilant in ensuring there is no breach or vulnerability threatening our company or endangering our employeesin order tokeep Agoda safe and protected. This would be a great challenge for those who want to work with the best technology in a dynamic and advanced environment.

The Opportunity :

You will be working in a fast paced DevSecOps environment where code change happens at a rapid speed and where it is paramount to control security testing into a continuous deployment / integration flow.

In this Role, you'll get to :

• Play a lead role in developing and designing application-level security controls and standards.
• Perform application security design reviews against new products and services.
• Track and prioritize all security issues.
• Build internal security tools that help fix security problems at scale.
• Perform code review and drive remediation of discovered issues.
• Enable automated security testing at scale to measure vulnerability, and report on risk across all microservice, web and mobile platforms.
• Execute security tests on thousands of servers which are spread across on-premise and public cloud data centers.

What you'll Need to Succeed :

• Strong foundations in software engineering.
• Minimum of 7 years of technical experience with any combination of the following : threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security.
• Minimum 2 years experience with Software Development Life Cycle in one or more languages (Rust, Python, Go, Nodejs, etc.)
• Minimum 1 year experience with public / private cloud environments (Openshift, Rancher, K8s, AWS, GCP, Azure, etc.)
• Experience in running assessments using OWASP MASVS and ASVS.
• Working knowledge on exploiting and fixing application vulnerabilities.
• Strong background in threat modeling.
• In-depth knowledge of common web application vulnerabilities (i.e. OWASP Top 10).
• Familiarity with automated dynamic scanners, fuzzers, and proxy tools.
• An analytical mind for problem solving, abstract thought, and offensive security tactics.
• Highly effective communication skills, in both verbal and written forms, to effectively convey technical and non-technical concepts to a wide variety of audiences
• Relocation package is provided in case you prefer to relocate to Bangkok, Thailand. Our benefits are.
• Hybrid Working Model
• 30 Days of Remote Working from anywhere globally every year
• Employee discount for accommodation globally
• Global team of 90+ nationalities
• 40+ offices and 25+ countries
• Annual CSR / Volunteer Time off
• Benevity Subscription for employee donations
• Volunteering opportunities globally
• Free Headspace subscription
• Free Odilo & Udemy subscriptions
• Access to Employee Assistance Program (third party for personal and workplace support)
• Enhanced Parental Leave

Equal Opportunity Employer

At Agoda, we pride ourselves on being a company represented by people of all different backgrounds and orientations. We prioritize attracting diverse talent and cultivating an inclusive environment that encourages collaboration and innovation. Employment at Agoda is based solely on a person's merit and qualifications. We are committed to providing equal employment opportunity regardless of sex, age, race, color, national origin, religion, marital status, pregnancy, sexual orientation, gender identity, disability, citizenship, veteran or military status, and other legally protected characteristics.

Wewill keep your application on file so that we can consider you for future vacancies and you can always ask to have your details removed from the file. For more details please read our privacy policy.

Disclaimer

We do not accept any terms or conditions, nor do we recognize any agency's representation of a candidate, from unsolicited third-party or agency submissions. If we receive unsolicited or speculative CVs, we reserve the right to contact and hire the candidate directly without any obligation to pay a recruitment fee.

J-18808-Ljbffr

Application Engineer
• Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates

Abu Dhabi, United Arab Emirates | Posted on 12/20/2024

The SOC Engineer plays a critical role in ensuring the organization's cybersecurity posture is robust and resilient. The position is responsible for monitoring, analyzing, and responding to security events and incidents, maintaining security tools and technologies, and supporting continuous improvements to SOC operations.

1. Own and operate most important security solutions designed to protect the company from cyber threats and attacks.
2. Lead in deploying new solutions and technologies to improve the security posture of the company.
3. Continuous fine-tuning of our security solutions to reduce the occurrence of false positive and false negative alerts.
4. Act as L3 escalation point in analyzing and responding to security incidents from various security technologies and platforms.
5. Perform platform health checks to ensure that our security solutions are operating effectively and efficiently.
6. Drive continuous improvement to reduce threat dwell time in our environment through automation, process simplification, among others.
7. Work closely with the Penetration Test Team, Cyber Hunt Team, Threat Intel, and other internal organizations to achieve the shared vision of improving the company's cyber security posture.
8. Use tools to respond to incidents, and actively improve the cyber security posture of the company.
9. Develop the technical skills of the junior SOC analysts in the team to empower them to be more effective and efficient in their roles.

Education and Certifications:

1. Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field.
2. Certifications such as CompTIA Security+, CEH, CISSP, or GIAC are highly preferred.

4 years of experience in SOC operations, cybersecurity, or a related field.

1. Hands-on experience with SIEM tools, IDS/IPS, firewalls, and other security technologies.
2. Proven track record in incident detection, analysis, and response.

1. Strong understanding of networking protocols and concepts (e.g., TCP/IP, DNS, HTTP).
2. Full knowledge of the following tools:
1. NAC Solutions.
2. SIEM Solutions.
3. EDR Solutions.
4. NDR Solutions.
5. IAM (Identity and Access Management).
6. PAM (Privileged Access Management).
7. Familiarity with forensic tools and methodologies.

1. Excellent problem-solving and analytical skills.
2. Strong written and verbal communication abilities.
3. Ability to work effectively in high-pressure situations.
4. Team-oriented mindset with a proactive approach to learning and collaboration.

1. Mean time to detect (MTTD) and respond (MTTR) to incidents.
2. Uptime and performance of SOC tools and technologies.
3. Accuracy and completeness of incident documentation.
4. Contribution to process improvement and automation.

1. On-call availability for critical incidents.
2. On-Site work model based on organizational policies.

Job Title: SOC Engineer

Department: Cybersecurity Section

The SOC Engineer plays a critical role in ensuring the organization's cybersecurity posture is robust and resilient. The position is responsible for monitoring, analyzing, and responding to security events and incidents, maintaining security tools and technologies, and supporting continuous improvements to SOC operations.

• Own and operate the most important security solutions designed to protect the company from cyber threats and attacks.
• Lead in deploying new solutions and technologies to improve the security posture of the company.
• Continuously fine-tune security solutions to reduce false positives and negatives.
• Act as L3 escalation point in analyzing and responding to security incidents from various security technologies and platforms.
• Perform platform health checks to ensure effective and efficient operation of security solutions.
• Drive continuous improvements to reduce threat dwell time through automation and process simplification.
• Collaborate with Penetration Testing, Cyber Hunt, Threat Intelligence, and other internal teams to enhance cybersecurity posture.
• Use tools to respond to incidents and actively improve the company's cybersecurity defenses.
• Develop the technical skills of junior SOC analysts to empower their effectiveness.

Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related fields. Certifications such as CompTIA Security+, CEH, CISSP, or GIAC are highly preferred.

At least 4 years in SOC operations, cybersecurity, or related fields. Hands-on experience with SIEM tools, IDS/IPS, firewalls, and other security technologies. Proven incident detection, analysis, and response skills.

Strong understanding of networking protocols (TCP/IP, DNS, HTTP). Proficiency with NAC, SIEM, EDR, NDR solutions, IAM, PAM, and user behavior analysis. Familiarity with forensic tools and methodologies.

Excellent problem-solving and analytical skills. Strong communication abilities. Ability to work under pressure. Team-oriented with proactive learning and collaboration mindset.

• Mean time to detect (MTTD) and respond (MTTR) to incidents.
• Uptime and performance of SOC tools and technologies.
• Accuracy and completeness of incident documentation.
• Contribution to process improvement and automation.

• On-call availability for critical incidents.
• On-site work based on organizational policies.