API & Application Security Specialist – Offensive Security & Secure SDLC Dubai
Posted date [2025-05-14]
(ID: 34897)
 |
Dicetek is a global IT Solutions and Services Company founded in 2006, headquartered in Singapore. We are expanding our global network while delivering cost-effective consulting services. Our operational offices are located in India, UAE, Singapore, and the USA.
Focusing on various sectors including Banking & Financial Services, Telecom, Government, Oil & Gas, Logistics, Supply Chain, Real Estate, and Manufacturing, we offer top-notch Information Technology Solutions and Professional Consulting Services. We have built a solid reputation in the technology industry for exceptional service, guided by our core values of integrity, thought leadership, and excellence in the ever-evolving IT landscape. We aim to foster lasting relationships with our clients, prioritizing their satisfaction as a key performance indicator. This commitment has positioned us as a preferred partner for many. With over a decade of experience, we have a proven track record in consulting across diverse technical roles and industries. Our specialized team of over 1,200 IT Consultants combines international expertise with in-depth local market knowledge.... |
API & Application Security Specialist – Offensive Security & Secure SDLC Dubai
Dicetek is hiring an experienced API & Application Security Specialist for a key client project in Dubai. This role is focused on embedding security practices into every stage of the software development lifecycle, conducting penetration testing, securing APIs, and automating security checks within CI/CD pipelines. The ideal candidate will have a strong offensive security mindset and practical experience working in high-compliance environments.
Job Location: Dubai, United Arab Emirates
Industry: Information Technology & Cybersecurity
Function: Application Security – Secure Development & API Protection
Salary: 20000–25000 monthly (Market estimated)
Gender: Any
Candidate Nationality: Any
Candidate Current Location: United Arab Emirates
Job Type: Full-time
Key Responsibilities
* Design and implement secure API frameworks and integrate application security into development pipelines
* Automate security processes within CI/CD for early detection of vulnerabilities
* Perform intrusive penetration testing and vulnerability assessments on APIs, applications, and infrastructure
* Identify security risks and provide technical mitigation strategies during the SDLC
* Conduct security audits, source code reviews, and threat modeling to detect insecure coding patterns
* Simulate real-world attack scenarios and assess security posture using advanced offensive tools
* Work closely with development and DevOps teams to integrate preventive security controls
* Support development teams with secure coding guidance, reviews, and remediation feedback
* Deliver detailed security risk assessments and actionable reports to technical and non-technical stakeholders
* Stay up to date with evolving threats, attack vectors, and compliance requirements in application and API security
* Collaborate across cross-functional teams and participate in third-party vendor assessments as needed
Job Requirements
Education
* Bachelor’s degree in Information Security, Computer Science, or related discipline
* Certifications such as CEH, OSCP, GWAPT, or CSSLP are preferred
Experience
* 7+ years in cybersecurity roles, with at least 3 years in application and API security
* Proven track record of performing penetration tests and offensive assessments in development environments
Skills
* Deep knowledge of OWASP Top 10, API Security, and secure coding principles
* Hands-on experience with tools such as Burp Suite, Postman, OWASP ZAP, and SAST/DAST solutions
* Familiarity with CI/CD tools like Jenkins, GitLab CI, and Azure DevOps
* Experience working in Agile development teams and DevSecOps environments
* Ability to communicate complex security risks to non-technical stakeholders
* Knowledge of secure architectures for cloud-native applications (e.g., containers, microservices)
Benefits
* Competitive tax-free monthly salary
* Work with an elite information security team on strategic cybersecurity initiatives
* Opportunity to lead advanced security implementations and threat simulations
* Other benefits as per UAE labor law
About the company
Dicetek is a global IT and security consulting company delivering secure technology solutions to enterprises and government entities across the UAE and Asia. We specialize in secure SDLC integration, DevSecOps, threat management, and regulatory compliance services across critical sectors.
Hiring cybersecurity professionals or DevSecOps engineers? Post your job openings for free on CareersInGulf.com and connect with certified security experts in the GCC.
Dicetek is hiring an experienced API & Application Security Specialist for a key client project in Dubai. This role is focused on embedding security practices into every stage of the software development lifecycle, conducting penetration testing, securing APIs, and automating security checks within CI/CD pipelines. The ideal candidate will have a strong offensive security mindset and practical experience working in high-compliance environments.
Job Location: Dubai, United Arab Emirates
Industry: Information Technology & Cybersecurity
Function: Application Security – Secure Development & API Protection
Salary: 20000–25000 monthly (Market estimated)
Gender: Any
Candidate Nationality: Any
Candidate Current Location: United Arab Emirates
Job Type: Full-time
Key Responsibilities
* Design and implement secure API frameworks and integrate application security into development pipelines
* Automate security processes within CI/CD for early detection of vulnerabilities
* Perform intrusive penetration testing and vulnerability assessments on APIs, applications, and infrastructure
* Identify security risks and provide technical mitigation strategies during the SDLC
* Conduct security audits, source code reviews, and threat modeling to detect insecure coding patterns
* Simulate real-world attack scenarios and assess security posture using advanced offensive tools
* Work closely with development and DevOps teams to integrate preventive security controls
* Support development teams with secure coding guidance, reviews, and remediation feedback
* Deliver detailed security risk assessments and actionable reports to technical and non-technical stakeholders
* Stay up to date with evolving threats, attack vectors, and compliance requirements in application and API security
* Collaborate across cross-functional teams and participate in third-party vendor assessments as needed
Job Requirements
Education
* Bachelor’s degree in Information Security, Computer Science, or related discipline
* Certifications such as CEH, OSCP, GWAPT, or CSSLP are preferred
Experience
* 7+ years in cybersecurity roles, with at least 3 years in application and API security
* Proven track record of performing penetration tests and offensive assessments in development environments
Skills
* Deep knowledge of OWASP Top 10, API Security, and secure coding principles
* Hands-on experience with tools such as Burp Suite, Postman, OWASP ZAP, and SAST/DAST solutions
* Familiarity with CI/CD tools like Jenkins, GitLab CI, and Azure DevOps
* Experience working in Agile development teams and DevSecOps environments
* Ability to communicate complex security risks to non-technical stakeholders
* Knowledge of secure architectures for cloud-native applications (e.g., containers, microservices)
Benefits
* Competitive tax-free monthly salary
* Work with an elite information security team on strategic cybersecurity initiatives
* Opportunity to lead advanced security implementations and threat simulations
* Other benefits as per UAE labor law
About the company
Dicetek is a global IT and security consulting company delivering secure technology solutions to enterprises and government entities across the UAE and Asia. We specialize in secure SDLC integration, DevSecOps, threat management, and regulatory compliance services across critical sectors.
Hiring cybersecurity professionals or DevSecOps engineers? Post your job openings for free on CareersInGulf.com and connect with certified security experts in the GCC.
