×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Systems Engineer Cloud Computing: Infrastructure & Operations Security Manager

Application Security Engineer

Job in Khobar, Eastern Province, Saudi Arabia
Listing for: Practical DevSecOps
Full Time position
Listed on 2026-06-15
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer, Cloud Computing: Infrastructure & Operations, Security Manager
Salary/Wage Range or Industry Benchmark: 200000 - 300000 SAR Yearly SAR 200000.00 300000.00 YEAR
Job Description & How to Apply Below

Role Overview

We are seeking a highly skilled Application Security Engineer with 6–8 years of experience to drive secure software development, cloud security, and application security initiatives across enterprise environments. The ideal candidate will possess strong hands‑on expertise in Microsoft Azure, Azure Dev Ops, Secure SDLC, Threat Modeling, Vulnerability Assessment & Penetration Testing (VAPT), Cloud Security, and Secure Application Architecture. This role requires deep technical involvement in integrating security throughout the software development lifecycle while supporting secure cloud adoption and compliance with organizational security requirements.

This position is approximately 80% hands‑on technical execution and 20% governance, standards, and security advisory activities.

Key Responsibilities Dev Sec Ops  & Secure SDLC
  • Design, implement, and maintain secure CI/CD pipelines using Azure Dev Ops.
  • Integrate security controls into all phases of the software development lifecycle.
  • Embed Dev Sec Ops  practices across development, testing, deployment, and operational processes.
  • Automate security testing and validation activities within CI/CD pipelines.
  • Establish secure coding standards, security gates, and release controls.
  • Collaborate with development teams to remediate security vulnerabilities and improve security posture.
  • Develop reusable security controls, templates, and secure development frameworks.
Application Security
  • Conduct secure code reviews for .NET, C#, Python, JavaScript, React, Angular, Node.js, and related technologies.
  • Perform application security assessments against web applications, APIs, microservices, and cloud-native workloads.
  • Identify security weaknesses and provide remediation guidance.
  • Validate remediation activities and verify closure of identified vulnerabilities.
  • Provide technical consultation on secure application architecture and design.
Vulnerability Assessment & Penetration Testing (VAPT)
  • Perform hands‑on vulnerability assessments and penetration testing for:
  • Web applications
  • APIs
  • Mobile- iOS and Androido Cloud-hosted applications
  • Azure environments
  • SAST & DAST
  • Secure Code Review
  • Containers and Kubernetes platforms
  • Conduct authenticated and unauthenticated security assessments.
  • Execute manual validation of automated scan findings.
  • Analyze and prioritize vulnerabilities based on business and technical risk.
  • Support remediation efforts and perform retesting activities.
  • Maintain awareness of emerging attack techniques and security threats.
Threat Modeling & Secure Design
  • Independently conduct threat modeling exercises using STRIDE and industry‑recognized methodologies.
  • Develop and maintain threat libraries, attack trees, misuse cases, and secure design patterns.
  • Facilitate threat modeling workshops with architects, developers, and project teams.
  • Identify architectural security risks and recommend mitigation strategies.
  • Review application and cloud solution designs from a security perspective.
Cloud Security Engineering (Azure)
  • Design and implement security controls for Microsoft Azure environments.
  • Secure Azure‑native services including:
  • Azure App Services
  • Azure Kubernetes Service (AKS)
  • Azure Storage
  • Azure Key Vault
  • Azure API Management
  • Azure Functions
  • Azure SQL Services
  • Implement identity and access management controls using Microsoft Entra .
  • Manage and optimize Microsoft Defender for Cloud, Defender for Dev Ops, Defender for Containers, and Defender XDR capabilities.
  • Conduct Azure security reviews, architecture assessments, and configuration hardening activities.
  • Implement security monitoring, alerting, and cloud security best practices.
Container & Kubernetes Security
  • Secure containerized applications throughout the development lifecycle.
  • Implement container image scanning and vulnerability management processes.
  • Harden Kubernetes and AKS environments.
  • Secure Kubernetes workloads, secrets management, ingress configurations, RBAC controls, and network policies.
  • Implement runtime protection and container security monitoring capabilities.
  • Technical Risk Assessments
  • Perform application security risk assessments.
  • Perform cloud security risk assessments.
  • Perform infrastructure security assessments.
  • Conduct…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search