# Senior Specialist - Asset Security Operations

> Qiddiya Investment Company · Riyadh, Saudi Arabia · — · Posted 2026-07-07

**Workplace:** on_site

**Department:** Asset IT Operations

## Description

Own the day-to-day security operations of business applications across Qiddiya's asset environments by managing application security controls, vulnerability remediation, secure configurations, access management, and patching. Act as the primary liaison with the Cybersecurity Team to coordinate penetration testing and code scanning activities, drive timely remediation of identified vulnerabilities, and ensure applications remain secure, compliant, and operational throughout their lifecycle

### Key Responsibilities

-   Manage WAF/API security policies, rule tuning, and virtual patching (Cloudflare).
-   Track and drive remediation of application vulnerabilities identified through penetration testing and SAST/DAST, ensuring SLA compliance via ServiceNow.
-   Coordinate application and service account access provisioning through BeyondTrust PAM.
-   Manage application patching, secure configurations, and dependency updates.
-   Maintain application security baselines, including WAF, access controls, secrets, and certificates for new application go-lives.
-   Manage application secrets and certificate lifecycle.
-   Coordinate with the Cybersecurity Team on penetration testing, code scanning, and remediation activities.
-   Monitor application security compliance and produce regular security reports.

## Requirements

-   2+ years of experience in cybersecurity, preferably in application or web security.

-   Experience with WAF platforms, ITSM tools, and vulnerability remediation processes.
-   Understanding of secure SDLC principles and the interpretation of penetration testing and SAST/DAST findings.
-   Familiarity with application patching, access management, and security configuration best practices

## Apply

[Apply at Qiddiya Investment Company](https://apply.workable.com/qiddiya-investment-company-1/j/E621D609A2/apply)

---
Powered by [Workable](https://www.workable.com)
