Security test Engineer (Banking Domain)

Note: Need only Immediate Joiners.

Job Title:

Job Summary:

We are seeking a skilled and detail-oriented Security Test Engineer to join our cybersecurity team. The ideal candidate will have a strong foundation in application security testing, with hands-on experience in identifying and mitigating security vulnerabilities across software applications. This role is critical in ensuring the integrity, confidentiality, and availability of our digital assets, particularly within the sensitive banking and financial services domain. You will work closely with development, DevOps, and compliance teams to embed security into the software development lifecycle (SDLC) and ensure adherence to global security standards.

Key Responsibilities:

• Conduct comprehensive security testing using tools such as Checkmarx, Snyk, and OWASP ZAP to identify vulnerabilities in code, APIs, and infrastructure.
• Perform static and dynamic application security testing (SAST/DAST) across Java, Spring Boot, and microservices-based applications.
• Evaluate third-party integrations and identity verification platforms such as Sumsub, Onfido, and Trulioo for compliance with security and privacy standards.
• Analyze and remediate security findings in collaboration with development teams, prioritizing risks based on business impact and exploitability.
• Ensure compliance with industry regulations including GDPR, ISO 27001, ISO 27701, and UAE financial sector laws.
• Participate in security audits, risk assessments, and penetration testing exercises.
• Develop and maintain security testing frameworks, checklists, and automated security gates within CI/CD pipelines.
• Stay updated on emerging threats, attack vectors, and evolving security frameworks, especially in the context of banking and financial services.
• Provide security guidance and training to development and QA teams to promote secure coding practices.
• Document security test results, risk assessments, and audit findings for internal and client-facing reporting.

Requirements:

• 1–3 years of experience in application security testing, with a focus on financial or banking domains.
• In-depth knowledge of OWASP Top 10 vulnerabilities and secure software development principles.
• Hands-on experience with security testing tools: Checkmarx, Snyk, OWASP ZAP, and similar.
• Familiarity with identity verification platforms such as Sumsub, Onfido, and Trulioo.
• Strong understanding of secure coding practices for Java, Spring Boot, and microservices architectures.
• Experience in cloud environments, particularly Azure, with knowledge of security controls and compliance configurations.
• Understanding of authentication/authorization mechanisms (OAuth, OpenID Connect), API security, and data protection.
• Knowledge of regulatory frameworks: GDPR, ISO 27001, ISO 27701, and UAE financial regulations.
• Excellent analytical, problem-solving, and communication skills.
• Bachelor’s degree in Computer Science, Information Security, or a related field.

Note: Need only Immediate Joiners.