Cyber Security Engineer/Application Security Specialist

Company Description Tecnots is a global technology solutions provider headquartered in Dubai, UAE, with offices in India and Saudi Arabia, and a distributed remote team. Since its rebranding in 2026 from Summit Solutions, the company has focused on offering cutting-edge solutions in Digital Transformation, Enterprise Software, AI & Automation, Data Analytics, Cloud & Infrastructure, Cybersecurity, and Technology Consulting. Tecnots serves clients across 12 industries, working with top technology partners such as Microsoft, AWS, and SAP.

The company is committed to empowering organizations to scale efficiently, optimize operations, and drive informed decision-making. Role Overview: We are seeking a Cyber Security Engineer to ensure the security, integrity, and credibility of applications, platforms, and infrastructure delivered by Summit Solutions. This role will work closely with development and QA teams to embed security across the software development lifecycle (SDLC), ensuring applications are secure by design, compliant with best practices, and resilient against evolving threats.

The ideal candidate has hands-on experience in application security, cloud and on-prem security controls, vulnerability management, and secure DevOps (DevSecOps) practices. Application & Product Security Responsibilities: • Collaborate with developers and QA teams to integrate security controls into application design, development, testing, and release cycles. • Perform application security reviews, including architecture assessments, code review support, and security validation. Ensure application credibility, integrity, and trustworthiness through secure design and implementation practices. • Support secure API design, authentication, authorization, and data protection mechanisms. • Validate security requirements during functional and non-functional testing phases.

DevSecOps & SDLC Integration: • Embed security checks into CI/CD pipelines, including static and dynamic application security testing (SAST, DAST). • Work with DevOps teams to implement secure build, deployment, and release processes. • Define and enforce secure coding standards and security best practices. • Support vulnerability remediation by coordinating fixes with development teams. • Enable automated security testing as part of QA workflows. Infrastructure, Cloud & Hosting Security: • Secure applications and infrastructure across cloud, on-premises, and VPS/hosted environments. • Implement and monitor security controls in Azure, hybrid environments, and third-party hosting providers. • Review and harden server configurations, network segmentation, and access controls. • Support secure integration between internal systems, customer environments, and external services. Identity, Access & Network Security: • Design and maintain Identity and Access Management (IAM) solutions, including Single Sign-On (SSO) for internal and business systems. • Enforce least-privilege access, role-based access control (RBAC), and secure authentication mechanisms. • Support secure business connectivity through VPNs, firewalls, and private networking. • Manage secrets, certificates, encryption keys, and credential rotation.

Vulnerability Management & Compliance: • Conduct vulnerability assessments and coordinate remediation activities. • Support penetration testing efforts and address identified risks. • Maintain security documentation, risk registers, and remediation tracking. • Support compliance requirements and customer security assessments when required. • Assist in incident response, root cause analysis, and post-incident improvements. Collaboration, Governance & Enablement: • Work closely with QA, development, and DevOps teams to ensure security requirements are understood and implemented. • Provide security guidance, training, and awareness to engineering teams. • Participate in architecture and design reviews to identify and mitigate security risks early. • Help define security policies, standards, and operational procedures. Skills & Qualifications: Required • 3+ years of experience in Cyber Security, Application Security, or DevSecOps roles. • Strong understanding of application security principles and secure SDLC. • Experience working with developers and QA teams in agile environments. • Knowledge of common vulnerabilities (OWASP Top 10) and mitigation strategies. • Familiarity with cloud and infrastructure security concepts.

Preferred • Experience with vulnerability scanning and security testing tools. • Strong analytical and problem-solving skills. • Experience with Azure security services and hybrid environments. • Knowledge of CI/CD security integration. • Experience securing APIs, microservices, and web applications. • Security certifications (CEH, Security+, CISSP, Azure Security Engineer).