This opportunity is with our client — a leading diversified holding company in the UAE. Key Responsibilities: - Perform secure design/code reviews and threat modelling across SDLC. - Lead application penetration tests and vulnerability assessments. - Collaborate with Dev, Product & Security teams to strengthen controls. - Drive remediation of security findings and support incident response. - Promote secure coding practices and application hardening standards. - Ensure compliance with data protection regulations (GDPR + regional). - Evaluate cloud architectures (Azure/GCP/OCI) and identify risks. - Translate DevSecOps recommendations into practical security actions. - Maintain security documentation and align with OWASP standards.

Required Skills & Experience: - 3–4 years in Application / Offensive Security. - Hands-on in Web, Mobile, API, Cloud & Infrastructure Pentesting. - Threat modelling, code review & attack-surface assessment. - Experience with CI/CD security and DevSecOps tooling. - Scripting: Python / Bash / PowerShell. - Tools: Burp Suite, Metasploit, Nessus, Wireshark, Nmap, Cobalt Strike etc. - Knowledge of Windows/Linux internals & cloud environments. Qualifications: - Bachelor’s in Computer Engineering / Information Security or related field. - Preferred: OSCP, CEH, Cloud Security Certification (Azure/GCP/OCI/AWS). Key Demographic Requirements - applicants must be: Based in UAE