Application Security Architect
Ref: JO-2605-360706
- United Arab Emirates, Abu Dhabi
- Software Development & Engineering, Technology
- IT
- 1,000 - 4,999 Employee
- Environment: In-office
- Contract Type: Contract
- Starts: 2026-08-01
- Duration: 12 Months
We are supporting a high-impact enterprise programme in the UAE looking to onboard an experienced Application Security Architect to lead and shape secure development practices across large-scale, modern application environments.
This is a key role sitting at the intersection of architecture, engineering, and governance, driving a secure-by-design approach across the full SDLC.
Overview
You will take ownership of application security architecture across web, API, and microservices environments – ensuring security is embedded from design through to deployment.
Working closely with engineering, DevOps, and security teams, you will define standards, lead threat modelling, and guide remediation strategies across complex, distributed systems.
Key Responsibilities:
- Define and drive application security architecture and strategy across the organisation
- Lead threat modelling and secure design reviews for new and existing systems
- Establish and enforce secure coding standards aligned to OWASP & industry frameworks
- Oversee SAST, DAST, SCA, and API security testing practices
- Provide architectural guidance across microservices, APIs, and containerised environments
- Act as a senior escalation point for critical vulnerabilities and remediation strategy
- Collaborate with DevOps teams to embed security into CI/CD pipelines (DevSecOps)
- Drive security governance, reporting, and compliance alignment (ISO 27001, NIST SSDF)
Experience Required:
- Proven experience in Application Security Architecture within enterprise environments
- Strong background in secure code review, vulnerability management, and threat modelling
- Deep understanding of OWASP Top 10, ASVS, and modern attack vectors
- Hands-on exposure to tools such as Fortify, Checkmarx, Burp Suite, Snyk, Trivy, etc.
- Experience securing APIs, microservices, and containerised platforms (Docker/Kubernetes)
- Strong knowledge of authentication and identity protocols (OAuth, JWT, SAML)
- Ability to engage senior stakeholders and influence engineering practices
What Makes This Role Interesting:
- High-visibility role within a large-scale, strategic programme
- Opportunity to shape security architecture from the ground up
- Exposure to modern cloud-native and microservices environments
- Working alongside leading engineering and cybersecurity teams
Salt is acting as an Employment Business in relation to this vacancy.
Share:
