Overview

Tooling & DevSecOps Jobs in Dubai, UAE/Dubai at Tandemsearch

Position: Security Engineer – Tooling & Dev Sec Ops

Location: Dubai

Job Purpose

The primary focus of this role is to build and maintain the shared automation backbone that supports both security operations teams (Red, Blue, Purple) and the product SDLC. This role is responsible for eliminating operational toil by developing reliable pipelines for scans, telemetry, and evidence management, while embedding security into Dev Ops workflows to ensure vulnerabilities are identified and remediated early in the development process.

Key Responsibilities CI/CD & Dev Sec Ops  Automation

  • Integrate SAST (Semgrep), DAST (ZAP, Burp), and SCA scanners into Git Hub/Git Lab pipelines.
  • Enforce IaC and container-image checks (Terraform, Cloud Formation, Dockerfile linters).
  • Publish build-stage security metrics (OWASP risk tags, pass/fail gates) to engineering dashboards.

Offensive & Defensive Tooling

  • Orchestrate bulk scans (ZAP, Nuclei, Semgrep) outside the SDLC for red‑team engagements.
  • Parse SARIF/JSON outputs and route findings to Defect Dojo and Jira with de‑duplication logic.

Telemetry Ingestion & SIEM/XDR Pipelines

  • Maintain schemas, enrichment, and data‑quality checks for Windows/M365, AWS, and Azure logs.
  • Monitor pipeline health via automated SLIs/SLOs; trigger self‑healing routines where feasible.
  • Standardise Nuclei templates, Burp/ZAP add‑ons, Sigma rules, and threat‑hunt notebooks.
  • Version and distribute through an internal registry; provide CLI tooling for one‑command deployment.
  • Operate disposable AD forests, cloud sandboxes, and target containers for red/purple exercises.
  • Provide “one‑click” Terraform/Ansible scripts that bootstrap environments in

Title: Tooling & DevSecOps

Company: Tandemsearch

Location: Dubai, UAE/Dubai

Category:

Upload your CV/resume or any other relevant file. Max. file size: 800 MB.