Urgent requirement for Information Security Engineer(penetration testing, DevSecOps practices, cloud security (AWS & Azure), and security architecture.) with Banking Experience Required is required for our banking clients in Abu Dhabi ,UAE
Strong expertise in penetration testing (web, mobile, API) with hands-on experience.--Must
Strong Experience in DevSecOps practices, cloud security (AWS & Azure), and security architecture.--Must
Configure, fine-tune, and review results from SAST, DAST, IaC, container, and dependency scanning tools.--Must
Job Description: Security Engineer
Position Overview
We are looking for an experienced Security Engineer with 7-10 years of proven expertise in application, infrastructure, and cloud security. The ideal candidate will have hands-on experience in penetration testing, DevSecOps practices, cloud security (AWS & Azure), and security architecture. They will also play a key role in building a strong security culture, driving awareness, and collaborating with multiple teams to integrate security seamlessly across the organization.
Responsibilities
Perform penetration testing of web applications, mobile applications, and APIs.
Perform secure code reviews to identify vulnerabilities in application code, scripts, and configurations.
Configure, fine-tune, and review results from SAST, DAST, IaC, container, and dependency scanning tools.
Drive DevSecOps initiatives, including security integration in CI/CD pipelines.
Review and enhance Kubernetes security, container security, and infrastructure security.
Contribute to security architecture design and reviews for applications, infrastructure, and cloud.
Conduct threat modeling, risk assessments, and vulnerability management.
Establish and deliver security training, awareness sessions, and best practices to teams.
Collaborate with development, DevOps, and infrastructure teams to ensure secure design and delivery.
Act as a security advisor to stakeholders, explaining risks and recommendations in simple, non-technical terms.
Participate in incident response and post-incident reviews, ensuring lessons learned are applied.
Stay updated on emerging threats, attack techniques, and new security technologies.
Skills: security,penetration testing,cloud security,devsecops
