Security Test Engineer I Turkey relocate to UAE

Our client is a software development and digital solutions company serving clients across the FinTech, iGaming, and Marketing sectors. The company has successfully delivered 20+ innovative products across 5 international markets, including Brazil, Armenia, Saudi Arabia, and the UAE.

⟢  Responsibilities: 

• Lead and conduct detailed security validation activities across diverse technology stacks, encompassing commercial off-the-shelf software, custom-built applications, and infrastructure hosted in public cloud environments (e.g., AWS, GCP).
• Execute specialized risk assessments focusing on application programming interfaces (APIs) and identity/access management (IAM) frameworks to ensure robust control mechanisms are in place.
• Adopt a proactive, adversary-centric perspective to identify potential weaknesses, emphasizing the ability to link disparate findings into comprehensive attack narratives that demonstrate realistic business impact.
• Document assessment outcomes clearly and professionally, providing objective evidence and strategic, implementable recommendations to enhance the organization's defensive capabilities and maturity.

⟢ Requirements:

• Minimum of 5 years of experience in hands-on security assessment, evaluation, or risk analysis roles.
• Deep functional expertise in safeguarding web-facing applications, including familiarity with common security weaknesses and sophisticated attack vectors (e.g., data manipulation, business logic bypasses, complex injection flaws, and API security).
• Proven capability in analyzing the security posture of consumer applications, employing both static and dynamic analysis techniques; strong grasp of data protection, secure communication, and obfuscation techniques.
• Working knowledge of securing cloud-native environments (AWS or GCP), particularly concerning access controls, resource configuration, and storage security standards.
• Proficiency with industry-standard security testing tools and ability to develop utility scripts for automation using standard programming/shell languages (e.g., Python, Bash).
• A persistent, investigative mindset with a track record of connecting individual security gaps to assess the potential for systemic exploitation.
• Nice to Have:     
  - Experience with unconventional security domains such as client-side hardening, server integrity, or anti-fraud/anti-abuse measures.
  - Relevant professional certifications that validate advanced, specialized security knowledge.

⟢ Benefits:

• Competitive & open salary range, based on your true capability not just your title
• Hybrid working & flexible hours
• Annual leave up to 24 days/year
• Home visit benefit 2 flight tickets/year to reunite with your family
• Multinational team with members from 16 countries, diverse yet supportive

⟢ Recruitment Process:

1. HR Interview
2. Technical Interview
3. Background Check
4. Offer