Manager Application Security

Majid Al Futtaim

Posted 6 hrs ago

Experience

7 - 9 Years

Education

Any Graduation

Nationality

Any Nationality

Gender

Not Mentioned

Vacancy

1 Vacancy

Job Description

Roles & Responsibilities



Position Overview
Majid Al Futtaim Global Solutions is seeking an experienced and technically adept Application Security Manager to lead the organization's enterprise-wide cybersecurity and vulnerability management programs. Based in Dubai, this role oversees vulnerability assessments, penetration testing, red teaming, and DevSecOps initiatives to ensure the security of infrastructure, applications, cloud platforms, and network systems. The successful candidate will play a vital role in enhancing the Group's overall cybersecurity posture and aligning security operations with global best practices and compliance frameworks.

Job Details
Country: UAE
City: Dubai
Industry: Information Technology (IT)
Function: Cybersecurity
Gender: Any
Candidate Nationality: Any
Job Type: Full-time

Key Responsibilities

**Vulnerability Management (VPAT) Program Oversight**

* Lead the enterprise-wide Vulnerability Management (VPAT) Program ensuring continuous assessment of all IT assets.
* Conduct vulnerability scans across infrastructure, applications, cloud environments, and third-party integrations.
* Prioritize remediation based on exploitability, business impact, and compliance risk.
* Collaborate with stakeholders to ensure prompt vulnerability mitigation within defined SLAs.
* Maintain real-time dashboards and executive reports tracking vulnerability remediation progress.

**Penetration Testing & Red Teaming**

* Plan and execute penetration tests and red teaming exercises across internal and external systems.
* Simulate real-world attack scenarios using frameworks like MITRE ATT&CK and OWASP.
* Test the resilience of SIEM, IAM, WAF, EDR, CASB, and DLP systems.
* Conduct phishing simulations, physical security tests, and awareness evaluations.
* Prepare comprehensive reports detailing risks, exploitation potential, and remediation recommendations.

**Application Security & DevSecOps**

* Manage the enterprise-wide Application Security and DevSecOps Program.
* Integrate security testing within CI/CD pipelines for proactive detection and mitigation.
* Perform SAST, DAST, and API security assessments for critical applications.
* Implement secure coding practices and deliver training to software development teams.
* Ensure security of APIs, microservices, and containerized workloads across environments.

**Governance & Compliance**

* Ensure all cybersecurity practices comply with ISO 27001, NIST, PCI DSS, CIS benchmarks, and MAF standards.
* Develop executive-level reports on key risks, findings, and remediation actions.
* Maintain audit-ready documentation for internal and external cybersecurity reviews.

Ideal Profile

* Bachelor's degree in Cybersecurity, Computer Science, or Engineering.
* 5-7 years of experience in penetration testing, vulnerability management, and application security.
* Hands-on experience in DevSecOps implementation and CI/CD pipeline security.
* Strong knowledge of hybrid and cloud infrastructure (AWS, Azure).
* Excellent analytical, problem-solving, and leadership skills.

Preferred Certifications

* OSCP (Offensive Security Certified Professional)
* OSCE (Offensive Security Certified Expert)
* GPEN (GIAC Penetration Tester)
* GWAPT (GIAC Web Application Penetration Tester)
* CRTSA (CREST Registered Technical Security Architect)
* GCSA (GIAC Cloud Security Automation)
* Certified DevSecOps Professional (CDP)
* AWS/Azure Cloud Security Certification

Skills Set

* Vulnerability assessment and remediation management.
* Advanced penetration testing and red teaming.
* Application security testing (SAST, DAST, API).
* DevSecOps and CI/CD pipeline integration.
* Cloud and hybrid infrastructure security.
* Governance, risk, and compliance reporting.

Why Join Us

* Work with one of the Middle East's most forward-thinking technology and security teams.
* Lead enterprise-scale cybersecurity initiatives protecting diverse digital assets.
* Collaborate with top-tier professionals in a dynamic and innovative environment.
* Benefit from ongoing professional development and global certification opportunities.
