×
Register Here to Apply for Jobs or Post Jobs. X

Application Security Architect: DevSecOps & Cloud

Job in Doha, Baladīyat ad Dawḩah, Qatar
Listing for: DOHA BANK
Full Time position
Listed on 2026-07-18
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer, Security Management & Operations, Information Security
Salary/Wage Range or Industry Benchmark: 180000 - 240000 QAR Yearly QAR 180000.00 240000.00 YEAR
Job Description & How to Apply Below

The Application Security Specialist is responsible for designing, implementing, and governing application security across enterprise systems, ensuring that all applications are secure by design and compliant with organizational and regulatory requirements.

The role focuses on integrating security into the Software Development Lifecycle (SDLC), driving Dev Sec Ops  practices, and establishing secure architecture standards across cloud, on-premises, and hybrid environments.

Key Responsibilities:

1. Application Security Strategy

  • Develop and maintain the enterprise Application Security program
  • Define and implement secure-by-design principles across all applications
  • Establish and monitor key security metrics (e.g., vulnerability reduction, remediation timelines)
  • Continuously improve application security maturity

2. Security Architecture & Design (Knowledge)

  • Design and review secure architectures for applications, APIs, and microservices
  • Lead threat modeling activities (e.g., STRIDE methodology)
  • Define and enforce security design patterns, including authentication, encryption, and data protection
  • Participate in architecture governance and review forums

3. Dev Sec Ops  & Secure SDLC

  • Integrate security controls into CI/CD pipelines
  • Implement and manage application security testing tools (SAST, DAST, SCA)
  • Establish secure coding standards aligned with OWASP Top 10
  • Automate security validation and enforcement across development pipelines
  • Design and implement secure cloud architectures across AWS and/or Azure environments
  • Enforce Identity and Access Management (IAM) and Zero Trust principles
  • Ensure effective monitoring, logging, and threat detection in cloud platforms

5. Security Testing & Assurance

  • Coordinate vulnerability assessments, penetration testing, and application security reviews
  • Ensure timely remediation and closure of identified vulnerabilities
  • Validate security controls through regular testing and simulation exercises

6. Security Operations Integration

  • Collaborate with SOC teams to enhance monitoring and incident response capabilities
  • Support SIEM use case development and optimization
  • Analyze security trends and proactively identify emerging risks
  • Ensure adherence to security standards and regulatory requirements, including:
  • PCI DSS
  • SWIFT CSP
  • ISO 27001
  • Support internal and external audits and regulatory assessments
  • Develop and maintain security policies, standards, and procedures
  • Provide security guidance to development, Dev Ops, and architecture teams
  • Conduct training and awareness sessions on secure coding practices
  • Act as a trusted advisor on application security matters

Qualifications & Experience:

  • Bachelor’s degree in computer science, Cybersecurity, Software Engineering, or a related field
  • Minimum 8–12 years of experience in cybersecurity, with strong focus on:
  • Application Security
  • Dev Sec Ops
  • Experience in the banking or financial services sector preferred

Technical Skills:

  • Strong knowledge of:
  • OWASP Top 10 and secure coding practices
  • Secure SDLC and threat modeling techniques
  • API and web application security
  • Experience with application security tools:
  • SAST, DAST, and SCA platforms
  • Proficiency in cloud security (AWS / Azure)
  • Knowledge of container security (Kubernetes / Open Shift)
  • Familiarity with SIEM, vulnerability management, and security monitoring
  • Strong analytical and problem-solving skills
  • Effective communication and stakeholder management
  • Ability to influence cross-functional teams
  • Strong attention to detail and risk awareness

Professional Certifications:

Required (Minimum
2):

  • CISSP (Certified Information Systems Security Professional)
  • CCSP (Certified Cloud Security Professional)
  • CISM or CRISC

Preferred:

  • CEH (Certified Ethical Hacker)
  • Microsoft Azure Security Engineer (AZ-500) or AWS Security Specialty
  • OSCP (Offensive Security Certified Professional)

Additional Information:

  • This role requires close collaboration with development, infrastructure, and security teams
  • The position involves both strategic planning and hands-on technical contributions
  • Experience in regulated environments is highly desirable
#J-18808-Ljbffr
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary