Application Security Specialist (Veracode)

Apply Closing Date: March 31, 2025

Job Overview

GBM is seeking a skilled Application Security Specialist with expertise in Veracode to provide on-site managed services for our client. The ideal candidate will be responsible for integrating, managing, and optimizing application security testing within the software development lifecycle, ensuring compliance with security policies and industry best practices.

Key Responsibilities

  • Application Security Management: Implement and maintain Veracode security tools, including static analysis (SAST), dynamic analysis (DAST), and software composition analysis (SCA).
  • Vulnerability Assessments: Conduct regular security scans and assessments on client applications, prioritizing findings based on risk impact.
  • Integration with DevSecOps: Work closely with development and DevOps teams to integrate security controls into CI/CD pipelines.
  • Policy Compliance & Governance: Ensure applications comply with security standards, including OWASP Top 10, NIST, and ISO 27001.
  • Threat Modeling: Identify potential security threats, vulnerabilities, and risks in client applications and provide mitigation strategies.
  • Remediation & Advisory: Provide detailed remediation guidance to developers, assisting them in fixing security vulnerabilities.
  • Reporting & Documentation: Generate security reports, track remediation progress, and communicate risks to stakeholders.
  • Incident Response: Support security incident handling related to application vulnerabilities and ensure timely mitigation.
  • Training & Awareness: Conduct security awareness sessions for development teams on secure coding practices and Veracode usage.
  • Continuous Improvement: Evaluate and recommend enhancements to security testing methodologies and tools.

Requirements

  • Education: Bachelor’s degree in Computer Science, Information Security, or a related field.
  • Experience: 3+ years in application security, with hands-on experience in Veracode.

Technical Skills

  • Strong understanding of SAST, DAST, and SCA methodologies.
  • Experience with Veracode integrations in CI/CD pipelines.
  • Knowledge of secure coding principles in languages like Java, .NET, Python, and JavaScript.
  • Familiarity with web and API security testing.
  • Hands-on experience with security frameworks such as OWASP, NIST, and ISO 27001.

Soft Skills

  • Strong analytical and problem-solving skills.
  • Excellent communication and stakeholder management abilities.
  • Ability to train and guide development teams on security best practices.

Preferred Skills

  • Certifications: CEH, OSCP, Veracode Security Certifications, or relevant cybersecurity credentials.
  • Experience with additional security tools such as Burp Suite, Fortify, SonarQube, or Checkmarx.
  • Prior experience in a Managed Services environment.

Benefits

  • Competitive salary and benefits.
  • Opportunity to work on innovative projects.
  • Collaborative and flexible work environment.
  • Opportunities for professional development and learning.

How to Apply

Submit your updated resume and a cover letter detailing your experience as an Application Security Specialist (Veracode). Please ensure your application highlights your bilingual proficiency in Arabic and English.