Company Profile

Mannai ICT, the Information & Communication Technology Division of Mannai Corporation, is Qatar’s leading systems integrator with over 30 years serving over 5,000 clients. Mannai ICT offers end-to-end IT solutions, including networking, servers, storage, software applications, and digital transformation. As the Platinum Partner for HP in Qatar, Mannai ICT delivers cutting-edge IT infrastructure and enterprise solutions across all industries. With specialized divisions like Microsoft Solutions, InfoTech, and Office Equipment, Mannai ICT supports Qatar’s technological transformation with innovative and reliable services.

Job Profile

We are seeking a Senior Cyber Security Specialist to enhance our security posture by embedding security practices throughout the software development lifecycle and proactively managing vulnerabilities.

Key Responsibilities:

• Ensure application security is embedded in all stages of the software development lifecycle (SDLC), regardless of delivery methodology.
• Conduct security assessments, including code reviews, vulnerability assessments, and threat modelling for applications and APIs.
• Identify security risks in applications before implementation and provide remediation guidance to development teams.
• Perform application vulnerability assessments through regular scanning and collaborate with developers for timely remediation.
• Track, prioritize, and manage security vulnerabilities discovered during assessments and third-party scans.
• Develop and maintain threat models for applications and systems to identify risks and recommend mitigations.
• Continuously improve security processes and procedures, including exception/risk acceptance reporting.
• Contribute to the development of security policies and standards.
• Implement and manage security tools for static and dynamic application security testing (SAST/DAST) and CI/CD pipelines.
• Provide training and guidance to development teams on secure coding practices and emerging security threats.

Skills

• Bachelor’s degree in Computer Science or a related field, along with continued cybersecurity training.
• 12-15 years of progressive experience in application security, including web services and Azure Cloud-based applications (PaaS, SaaS).
• Experience in DevSecOps practices and integrating security into DevOps pipelines.
• Strong knowledge of web and mobile application security.
• Proficiency in security tools such as Burp Suite, OWASP ZAP, Fortify, etc..
• Knowledge of programming languages such as Java, Python, C#, or JavaScript.
• Experience with SAST/DAST tools and CI/CD integration.
• Understanding of web application security vulnerabilities (e.g., OWASP Top 10) and secure coding practices.
• Strong understanding of cryptography, SSL certificate lifecycle management, and application security methodologies.
• Familiarity with container security, cloud security best practices, and API/microservices security in a distributed environment.

Join our team and contribute to a company that values innovation, quality, reliability, and a strong commitment to providing advanced technology solutions. This is an exciting opportunities for career development and the chance to work with leading brands and on prominent projects in the region.