×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Systems Engineer Security Manager

Application Security Engineer

Job in Riyadh, Riyadh Region, Saudi Arabia
Listing for: Lucidya
Full Time position
Listed on 2026-02-07
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer, Security Manager
Salary/Wage Range or Industry Benchmark: 200000 - 300000 SAR Yearly SAR 200000.00 300000.00 YEAR
Job Description & How to Apply Below

About Lucidya

Lucidya is an AI-native Customer Experience Intelligence platform enabling enterprises to understand, engage, and retain customers  Lucidya continues to scale globally, building secure-by-design products is a top priority. Security is a core pillar of our engineering strategy, and we are investing heavily in strengthening our application security posture across all products and platforms.

To support this growth, we are looking for an Application Security Engineer to help drive secure development practices, proactively identify vulnerabilities, and embed security across the software development lifecycle.

About the Role

This is the first dedicated Application Security role at Lucidya, making it a high-impact and foundational position. You will play a critical role in shaping Lucidya’s application security strategy, working closely with engineering teams to identify risks, close security gaps, and ensure our applications are secure by design.

You’ll operate at the intersection of security engineering, software development, and cloud infrastructure, thinking like an attacker while enabling developers to build secure, scalable systems.

What You’ll Be Doing

Core Responsibilities

  • Develop and implement automated security testing and vulnerability detection workflows integrated into the Software Development Lifecycle (SDLC).
  • Conduct security reviews of web applications, mobile applications, APIs, and cloud environments (public and private).
  • Perform penetration testing on web, mobile, API, and desktop applications, as well as supporting infrastructure.
  • Evaluate application defenses, identify architectural and design-level security gaps, and recommend mitigation strategies.
  • Think like an attacker to proactively identify vulnerabilities and complex security risks before they reach production.
  • Collaborate closely with engineering teams to support secure coding practices and security-aware development.
  • Conduct code reviews with a security focus, especially for critical services and deployments.
  • Research emerging threats and contribute to the development or adoption of new security tools and techniques.

Day-to-Day Responsibilities

  • Review application code and architecture from a security perspective.
  • Support and guide teams on secure development lifecycle (SDLC) practices.
  • Work closely with developers during feature development and releases to ensure security controls are in place.
  • Participate in threat modeling, vulnerability triage, and remediation tracking.
  • Contribute to defining and evolving Lucidya’s application security strategy.
Success Metrics
  • Measurable reduction in application vulnerabilities, including findings from external security assessments.
  • Clean and secure application releases with minimal critical or high-risk findings.
  • Successful integration of security practices across SDLC pipelines.
  • Improved security posture and readiness as validated by internal and external reviews.
First 90 Days
  • Gain a deep understanding of Lucidya’s system architecture, codebase, and security landscape.
  • Identify key security gaps and prioritize remediation plans.
  • Begin embedding security workflows into CI/CD and development processes.
  • Establish trust and working relationships with engineering teams.
What We’re Looking For

Experience & Background

  • 2-4 years of experience in application security, security engineering, or a related role.
  • Background as a software engineer transitioning into security is highly valued.
  • Hands-on experience securing applications built with Ruby on Rails and React.
  • Experience performing penetration testing on modern web applications and APIs.

Technical & Security Skills

  • Strong understanding of the Secure Development Life Cycle (SDLC).
  • Hands-on penetration testing experience (web, mobile, APIs).
  • Cloud security experience with AWS and/or GCP.
  • Ability to assess application architecture and identify design-level risks.

Certifications (Preferred / Non-Negotiable)

  • CISM
  • OSCP
  • SANS GIAC

Soft Skills

  • Strong communication skills and ability to work cross-functionally.
  • Comfortable engaging with developers, engineers, and stakeholders.
  • Proactive, ownership-driven mindset in a fast-growing environment.

Nice-to-Have

  • Experience working in SaaS or AI-driven products.
  • Exposure to building security functions from scratch.
  • Prior experience with security tooling development or automation.
Hiring Process
  • Screening Interview – Esraa Adel, Talent Acquisition Partner
  • First Technical Interview – Mostafa Asaad, Technology Manager
  • Technical Task
  • Second Interview
    • #J-18808-Ljbffr
    To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
    (If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
     
     
     
    Search for further Jobs Here:
    (Try combinations for better Results! Or enter less keywords for broader Results)
    Location
    Increase/decrease your Search Radius (miles)

    Job Posting Language
    Employment Category
    Education (minimum level)
    Filters
    Education Level
    Experience Level (years)
    Posted in last:
    Salary
    Advanced Search