Security Engineer, Specialist
Job Description Roles & Responsibilities Adree is seeking a Security Engineer, Specialist to support our product development and engineering initiatives by leveraging deep application security and analytical expertise to articulate the value of secure, compliant digital solutions. In this role, you will work closely with stakeholders to understand technical requirements and business goals, and clearly demonstrate how enforceable security gates and robust vulnerability lifecycle management can address their needs. You will be responsible for bridging the gap between security compliance and rapid delivery execution, collaborating across teams to operationalize automated security controls throughout the SDLC. By blending secrets management, automated scanning pipelines, and artifact trust mechanisms, you will ensure our digital products are highly secure, resilient, and fully audit-ready. Key Responsibilities: Engage with clients and stakeholders to gather security requirements and understand their digital transformation and compliance goals Deliver impactful presentations, security dashboards, and reporting frameworks showcasing vulnerability triage, remediation tracking, and pipeline safety metrics Support the engineering and DevOps teams in configuring and tuning Fortify SAST/DAST, establishing clear thresholds, and governing exception workflows Provide technical insights and application security expertise throughout the product lifecycle to automate SSL/TLS certificate renewals using HashiCorp Vault and Cert-Manager in Kubernetes Collaborate with cross-functional teams (including DevOps and QA) to build secure pipelines, manage test environment controls, and enforce software supply chain visibility via SBOM integration Stay current with industry trends, OWASP frameworks, container security concepts, and threat modeling to position solution security effectively Conduct workshops and technical triage sessions internally and with clients to define Quality Gates, vulnerability SLAs, and secure secrets management patterns with SecurEnvoy MFA Participate in Agile development processes and release alignments, producing required compliance evidence, scan outputs, approvals, and comprehensive release evidence packs Desired Candidate Profile Education Bachelor s degree in Computer Science, Cyber Security, Software Engineering, or a related technical field. Experience 4+ years of professional experience in Application Security (AppSec), DevSecOps, or Security Engineering. Proven experience operationalizing enforceable security gates within CI/CD pipelines, preferably using Azure DevOps Server. Demonstrated experience with threat modeling, vulnerability management, and operating within government or highly regulated enterprise sectors is a strong plus. Skills & Competencies (Technical & Analytical + Soft) Deep proficiency in Secure SDLC principles, OWASP Top 10, container security concepts, and Kubernetes/OpenShift security basics. Strong hands-on experience implementing image signing/verification (Sigstore/Cosign) and artifacts lifecycle security via JFrog Artifactory. Analytical skills to correlate security logs and monitoring alerts with enterprise platforms like AppDynamics, BMC, or Azure Monitoring. Excellent soft skills with an ability to influence without authority, deliver pragmatic risk-based guidance, and handle security escalations calmly. Strong collaboration, structured reporting, and cross-functional engineering alignment. Experience (summary) Operationalization of automated DevSecOps security gates across CI/CD pipelines Vulnerability lifecycle management including triage, SLA tracking, and remediation Automated software supply chain security (SBOM generation & container image signing) Secrets management integration and automated infrastructure certificate management Application security scanning optimization across SAST and DAST frameworks Regulatory compliance evidence gathering and release package auditing Skills & Competencies (summary) Azure DevOps Server & JFrog Artifactory secure workflow management Fortify SAST/DAST tuning & exception workflow design HashiCorp Vault secrets management & Cert-Manager infrastructure Container & cluster security principles (Kubernetes / Red Hat OpenShift) Multi-factor authentication access patterns (SecurEnvoy MFA) Stakeholder relationship management & security governance Prioritization, risk-based communication, and teamwork Travel for client-facing activities Company Industry IT - Software Services Department / Functional Area IT Software Keywords Security EngineerSpecialist Get real-time job updates only on our App
Ready to apply?
You are viewing this role on JobSphere AI. Applications are completed on the original employer / source website.
Apply NowOpens the employer's site in a new tab
- CompanyAdree
- LocationRiyadh, Saudi Arabia
- CategoryCybersecurity
- SourceNaukrigulf
- Listed1h ago
Related Cybersecurity jobs
DevOps Engineer
The DevOps Engineer is responsible for the deployment and installation of solutions on environments, production servers. He implements technical architectures…
Cybersecurity Senior Engineer
The Cybersecurity Senior Engineer will play a critical role in onboarding clients into our Managed Security Services environment, ensuring seamless integration…
Financial Controller - Power Plant Construction Project
Al Jomaih Energy & Water (AEW) headquartered in Saudi Arabia, is a fast-growing investor, lead develper, and operator of utility and infrastructure projects in…
Marketing Executive | AlFuttaim Real Estate | Emirati Talent
The Marketing Executive plays a crucial role in supporting the marketing team at Dubai Festival City. The position involves coordination and assistance across…