A well-known and well-reputed Company based in Dubai, United Arab Emirates is looking for an experienced, skilled, competent, mature, qualified, creative, and intelligent candidate with significant knowledge and relevant working experience for the position of “Product Security Engineer “.
|Qualification||Bachelors Degree | Masters Degree|
|Experience||3 – 5 years of Relevant Experience Required|
|Monthly Salary||5,000 AED – 6,000 AED|
|Employment Type||Full Time | Permanent
|Company Size||50-100 Employees|
Who we are?
Want to work for the most exciting digital company in the Middle East? noon.com is a technology leader with a simple mission: to create world-class digital marketplaces for consumers and businesses across the Middle East.
Starting in 2017 with noon.com, the region’s homegrown e-commerce platform and leading online shopping destination, noon is now an ecosystem of services – noon, noon daily, noon food, NowNow, SIVVI, noon VIP, and noon pay – all developed to help empower and inspire a generation of diverse, digital-first consumers and businesses.
We are creating a local digital champion to empower the region and accelerate the digital economy and are looking for the best talent in the world to join our team.
What is the role?
We are seeking a Product Security Engineer to enable Noon’s engineering teams across our different companies to design and write secure software for all the products and features we ship at Noon.
We cooperate with product and engineering throughout the SDLC process to ensure application compounds reflect water-tight security. If you have a passion for breaking software, finding the root cause, and are able to quickly identify and communicate security risks to the relevant teams so it can be fixed at scale, we need you. The ideal candidate will work relentlessly to help Engineering and Product teams to uncover security vulnerabilities early in the design and development phase, and will work with cross-functional teams in our group, and will influence the development cycle with various security initiatives and programs.
- Provide Subject-Matter-Expert guidance to developers and product managers alike while addressing security concerns and champion security by design.
- Lead security engineering review for new product features and enhancements.
- Plan and execute threat modeling activities within the software development lifecycle to assess the security controls required for a given application.
- Drive-in and take charge of security activities in our development processes, such as design and architecture reviews, threat modeling, and specifications & standards.
- Provide application security guidance and oversight across Security, Engineering & Product teams by participating in design, architecture, and code reviews
- Develop internal application security testing pipeline and review processes.
- Plan, scope and execute application security reviews and engage with product teams and developers to clarify security requirements
- Audit, govern and drive improvements in the software supply chain security.
- Validate, triage, and coordinate with engineering to remediate the vulnerabilities discovered through threat modeling and design review activities.
- Planning and execution of engineering projects to tackle emerging security threats and challenges across the organization.
- Provide subject matter expertise on security controls, and secure coding and design practices across Noon
- Assist in training and mentoring Security Champions throughout the development
- Advocate for security culture and educate colleagues across all engineering functions.
Who we need?
- At least 3-5 years of experience as a Product Security Engineer with active experience in architecture and design reviews, threat modeling, and Application Security.
- 3+ years of hands-on technical experience in application development and/or application security
- Strong understanding of application security vulnerabilities, secure coding, and countermeasures
- Experience working in collaboration with product managers and software engineering teams to improve security throughout SDLC.
- Deep technical understanding of the OWASP Top 10 and SANS Top 25 vulnerabilities and the corresponding mitigation techniques
- Hands-on experience performing threat modeling, risk assessments, and architecture reviews for complex products.
- Solid understanding of software security principles
- Experience conducting application security reviews, API design, code reviews, root cause analysis, and system architecture.
- Ability to understand code-level issues and promote secure coding practices for one or more languages like Python, NodeJS, and Java.
- Hands-on experience in secure coding concepts and application security- preferable.
- Able and comfortable wearing multiple hats- preferable.
- Establishes industry expertise through writing, speaking, shipping open-source projects, or online presence- preferable.
- Strong experience in secure code review is a plus-preferable.
Who will excel?
The ideal candidate will be comfortable in a fast-paced, multi-tasked, high-energy environment. They will be a creative and analytical problem solver with a passion for delivering results.
At noon we have the courage to pursue what seems impossible, we work hard to get things done, we go to great lengths to ensure that the experience of everyone from our customers to our sellers or noon Bandidos is stellar but above all, we are grateful for the opportunities we have.
If you feel the above values resonate with you – you will enjoy this incredible journey with us!