Hamad International Airport
Hamad International Airport (HIA) is the hub for the rapidly expanding international Qatar Airways network. Open 24/7 and located just five km from Doha's city centre, the airport is used by more than 35 regional and international airlines. It is also home to the world’s only terminal dedicated to Qatar Airways First and Business Class passengers.
About your job::
You will be required to be part of HIA IT Security and Compliance team, to enable HIA build and deliver secure products & services by analyzing software designs and implementations from a security perspective, and identify and resolve security issues and ensure systems comply with Group IT security standard.
You will assess current threat landscape and business needs by performing technical security assessments of current and new software systems and monitor for emerging vulnerabilities; to identify, communicate and track risk appropriately to software teams and project managers.
Key accountabilities include:-
- Work with development teams and vendors to carry out Application Security Reviews; Perform activities including threat modeling, security testing and vulnerability triage across various applications, code reviews, SDLC support and write technical reports based on findings.
- Support in providing hands-on remediation guidance to development teams on security vulnerabilities.
- Apply security throughout the system/solution development lifecycle using Secure Development Lifecycle processes and techniques.
- Vulnerability management of all end points includes regular scanning for new vulnerabilities, patch management, verifying compliance to against applicable standards etc.
- Contribute in establishing and Implementing secure development, coding guidance and Non-functional requirements to engineering teams for commercial of the shelf software and custom implementations.
- Regularly examine systems and applications to understand current security posture and to improve.
- Contribute to meet established Security & Compliance KPIs and support the team on other Security activities and initiatives.
- Contribute and adhere to ISO 20000, ISO 27000, OWASP, SANS and Qatar WC 22 Cyber Security Framework compliance requirements.
- Graduate in Computer / Engineering or equivalent.
- Minimum 4 years hands-on application security experience.
- Detailed technical knowledge of techniques, standards and state-of-the art capabilities for authentication and authorization, applied cryptography, security vulnerabilities and remediation
- Knowledge of penetration testing, Static Analysis/ Static Application Security Testing (SAST), Vulnerability Assessment/Scanning, Dynamic Analysis/Dynamic Application Security Testing (DAST), Malicious Software Analysis
- Experience or understanding of software systems design tools and languages.
- Good analytical and problem solving skills.
- Understanding of design for software systems running on multiple platform types
- Understanding of basic testing, coding, and debugging procedures.
- Familiarity with common application security and vulnerability assessment tools, experience working with common tools
- Strong written and verbal communication.
- Certifications like Certified Ethical Hacker (CEH), ITIL V3 Foundation.
Note: you will be required to attach the following:
1. Resume / CV
2. Copy of Highest Educational Certificate
3. Copy of Passport