Souq.com is the largest ecommerce site in the Arab world. Every month, Souq.com attracts more than 40 million visits to its catalogue of more than 8 million unique products in 35 different categories, including Books, Automotive, Consumer Electronics, Household goods, Fashion, Accessories, Perfumes, Toys, and Baby products.
Established in 2005, Souq.com today operates both as an award-winning retail business and an online marketplace that allows SMEs, merchants, brands and distributors to distribute their products online.
With more than 3,000 employees, we have offices and local operations in UAE, Egypt, Kingdom of Saudi Arabia and leading Product and Engineering centers in Jordan and India. We offer competitive salaries, benefits, and a unique opportunity to join the leading player in an ever growing and exciting industry.
- Conduct security code review for our Souq.com developed code
- Conduct security audits, penetration tests and vulnerability assessments.
- Enforcement and monitoring of Souq.com information security policies, procedures and processes for Souq.com devices, applications, systems and networks, and working as a member of Cyber Security Team.
- Enforcement and monitoring of Security Access Controls for Souq.com devices, applications, systems and networks.
- Assist to deliver security Awareness sessions and activities for Souq.com employees.
- Contributing in the implementation and update of Incident Handling, Business Continuity and Disaster Recovery strategies and procedures.
- Takes a leadership role in the implementation of information security projects and security considerations of information technology projects.
- Evaluates security considerations of products and services provided by suppliers and service providers.
- Provides solutions based on information security and encryption systems.
- Performs related duties as require
- BS or higher degree in computer science, computer information systems, computer engineering, security engineering or equivalent.
- 2+ years of experience with information security.
- Must be able to conduct security code review and application security testing (Highly Required)
- Solid background in development (web programming) and database
- Familiarity with applications, systems, and network security, such as MS AD Security Group Policies and Linux, Android and iOS Security.
- Familiarity with information security standards and frameworks such as ISO 27001, PCI/DSS, COBIT.
- Solid understanding of Identity Management, strong authentication, and encryption technology.
- A recognized qualification in information security or business continuity, such as CEH, CCSP, ECSA, GCIH, CBCP, OSCP is preferable
- Familiarity with security systems and solutions such as Firewalls, IPS, SEIM.
- Experience in performing security audits and vulnerability assessments.
- The ability to evaluate security and technological requirements and select suitable solutions with the least cost.
- Knowledge of networking concepts and analysis tools.
- Possession of excellent organizational skills.
- Possession of excellent oral and written communication skills.
- Ability to work with multiple projects simultaneously, with competing and conflicting deadlines.
- Kali Linux.
- Static and Dynamic application security testing
- Vulnerability Assessment and Penetration Testing.
- Experience with writing computer system exploits, including fuzzing, heap spraying
- Scripting in Python, Perl, Ruby, bash, Node.js or equivalent.
- Application and Network security.
- Windows and Linux (Mac and Mobile are plus) System administration security.
- Excellent problem solving, troubleshooting and analysis skills.
- Experience working in fast-paced development environments.
- Excellent inter-personal, training and teamwork skills.