Application Security Lead Consultant

Company Description

We are entrepreneurs in disruptive technology, at Devoteam, we deliver innovative technology consulting for business. Digital Transformakers, we are 7,000+ professionals across EMEA dedicated to ensuring our clients win their digital battle. We improve business performance making their companies truly digital. We advise our clients and build IT infrastructure for digital, making sure people are along for the ride.
Devoteam Middle East, we are the region's leading consulting firm delivering innovative Business & Technology Consulting & Solutions. Our 14 years of existence anchored in technologies that enables our clients business to flourish, accordingly our focus is to help our clients' win the digital battle, adapted to our clients’ business challenges, with a unique consideration to its impact on their systems and structures.
To know more about us, please visit: www.devoteam.com

Job Description

• Champion secure coding practices and integrate security requirements into all phases of the Software Development Life Cycle (SDLC).
• Collaborate with development teams to embed security considerations in application design, development, and testing.
• Perform threat modeling, risk assessments, and security reviews at each stage of the SDLC.
• Develop and implement security testing strategies and frameworks, including SAST, DAST, and IAST.
• Provide expert guidance on secure coding standards, vulnerability remediation, and security best practices.
• Contribute to the establishment and maintenance of application security policies, standards, and guidelines.
• Monitor and analyze application security trends and emerging threats to proactively address potential risks.
• Champion a security-first culture within the development organization, fostering collaboration and knowledge sharing.

Qualifications

• Bachelor's degree in Computer Science, Information Security, or a related field.
• 8+ years of experience in Application Security.
• Extensive experience in application security and secure SDLC implementation.
• Deep understanding of application security vulnerabilities, threats, and attack vectors.
• Strong knowledge of web application architectures, technologies, and security frameworks (e.g., OWASP, SANS).
• Proficiency in secure coding practices and vulnerability remediation techniques.
• Excellent communication, collaboration, and presentation skills.
• Relevant certifications (e.g., OSCP, CEH, GWAPT, CSSLP) are highly desirable.