Overview
Tooling & DevSecOps Jobs in Dubai, UAE/Dubai at Tandemsearch
Position: Security Engineer – Tooling & Dev Sec Ops
Location: Dubai
Job Purpose
The primary focus of this role is to build and maintain the shared automation backbone that supports both security operations teams (Red, Blue, Purple) and the product SDLC. This role is responsible for eliminating operational toil by developing reliable pipelines for scans, telemetry, and evidence management, while embedding security into Dev Ops workflows to ensure vulnerabilities are identified and remediated early in the development process.
Key Responsibilities CI/CD & Dev Sec Ops Automation
- Integrate SAST (Semgrep), DAST (ZAP, Burp), and SCA scanners into Git Hub/Git Lab pipelines.
- Enforce IaC and container-image checks (Terraform, Cloud Formation, Dockerfile linters).
- Publish build-stage security metrics (OWASP risk tags, pass/fail gates) to engineering dashboards.
Offensive & Defensive Tooling
- Orchestrate bulk scans (ZAP, Nuclei, Semgrep) outside the SDLC for red‑team engagements.
- Parse SARIF/JSON outputs and route findings to Defect Dojo and Jira with de‑duplication logic.
Telemetry Ingestion & SIEM/XDR Pipelines
- Maintain schemas, enrichment, and data‑quality checks for Windows/M365, AWS, and Azure logs.
- Monitor pipeline health via automated SLIs/SLOs; trigger self‑healing routines where feasible.
- Standardise Nuclei templates, Burp/ZAP add‑ons, Sigma rules, and threat‑hunt notebooks.
- Version and distribute through an internal registry; provide CLI tooling for one‑command deployment.
- Operate disposable AD forests, cloud sandboxes, and target containers for red/purple exercises.
- Provide “one‑click” Terraform/Ansible scripts that bootstrap environments in
Title: Tooling & DevSecOps
Company: Tandemsearch
Location: Dubai, UAE/Dubai
Category: