Application Security Testing Manager

Dubai, UAE

Netcracker Shaping the Digital Future

As a proud subsidiary of NEC Corporation, Netcracker is a global software leader driving innovation at scale. We combine an open Agentic AI Platform with AI-Native IT Solutions to help telecommunication providers transform, innovate, and deliver results that matter. Powered by cutting-edge technology—and the passion of our people—we unlock new opportunities, spark innovation, and create better digital experiences for millions worldwide. Join us and be part of a team that is not just keeping up with the digital future—we’re leading it.

Are you passionate about securing critical applications and leading high-performing security teams to perform security testing activities for large scale projects? Join Netcracker Technology, a global leader in digital transformation, where your expertise in application security testing, will protect cutting-edge solutions used by top-tier service providers around the world. Netcracker delivers market-leading, next-gen BSS, OSS, cloud, 5G, IoT, SDN/NFV and mission-critical solutions to Telco’ around the globe. As a wholly owned subsidiary of NEC Corporation, our comprehensive portfolio of software solutions and professional services enables large-scale digital transformations, unlocking the opportunities of the cloud, virtualization and the changing mobile ecosystem. This is your opportunity to lead security efforts across web, mobile, and API platforms while influencing the future of secure software development.

Position Summary

We are looking for a person with good knowledge of web and mobile applications security testing, proven experience of handling large-scale security testing projects, including static and dynamic assessment methods for web, mobile and API’s. it will be required to demonstrate the knowledge of common attacks for mobile, web and API systems and relevant methods of their remediation, secure design patterns of business flows within web and mobile applications, cryptography specifications (TLS, X.509, hashing and encryption algorithms, handshake) and their common implementation flaws, basic understanding for authentication standards (Oauth 2.0, Open ID Connect, SAML).

Demonstrable knowledge about test management using Jira or similar tools, test case set-up, report generation, defect management lifecycle and risk scoring using industry standard methodologies like CVSS. The role will be responsible for driving security testing activity, ensuring the timely delivery of assessments and collaborating with cross-functional teams in an implementation project for our clients.

Principal Duties and Responsibilities:

  • Lead and manage a team of application security testers to execute comprehensive security testing across web, API, and mobile
  • Plan and prioritize testing activities to ensure timely delivery of security assessments and actionable remediation plans.
  • Conduct and direct, hands-on application security testing, including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST) and / or Mobile Application Security Testing (MAST) and / or Software Composition Analysis (SCA).
  • Produce clear and concise documentation like test strategy, test plan, testing report, issue summary along with prioritization based on risk and impact of the issue identified.
  • Work closely with Development, QA, and DevOps teams to embed security throughout the Software Development Lifecycle (SDLC).
  • Champion OWASP Top 10, CWE, and other global security standards across engineering practices.
  • Effectively manage reporting to client and different stakeholders on testing progress, issues, risks and collaborate on remediation of risks for testing process.
  • Monitor emerging threats and security trends, recommending improvements and countermeasures as needed.
  • Provide ongoing mentorship and training to junior team members and promote a security-first mindset.
  • Represent application security in cross-functional discussions and audits.

Background and Skills:

  • 8–15 years of experience in Application Security Testing, with at least 2–3 years in a leadership or managerial role.
  • Proven experience in manual security testing techniques beyond tool-based scanning.
  • Strong hands-on expertise with SAST, DAST and SCA tools and frameworks.
  • Experience testing a range of applications including Web, RESTful APIs, and Mobile apps.
  • Deep understanding of OWASP Top 10, CWE, secure coding practices, and vulnerability mitigation techniques.
  • Familiarity with DevSecOps principles and integrating security testing into CI/CD pipelines
  • Strong communication, stakeholder management, and reporting skills.
  • Relevant certifications such as OSCP, CEH, GWAPT, or equivalent are a plus.

Education:  

Higher technical education - university degree in a relevant domain

#LI-KS1

"All of our job opportunities in Brazil are open to people with disabilities (PWDs)"/  “Todas as nossas oportunidades de vagas no Brasil são abertas a pessoas com deficiência (PCDs)"

 

Connect with us on LinkedIn and stay up to date on our company news.

#LI-Onsite

Create a Job Alert

Interested in building your career at Netcracker? Get future opportunities sent straight to your email.

Apply for this job

*

indicates a required field

Resume/CV*

Accepted file types: pdf, doc, docx, txt, rtf

Cover Letter

Accepted file types: pdf, doc, docx, txt, rtf

Education

Select...
Select...
Select...
Select...
Select...

Netcracker Technology – Candidate Privacy Notice  

  1. What is the purpose of this document?

Netcracker Technology (“Netcracker” or “we” or “us”) is responsible for deciding how the personal information that you provide as part of your application for a job with Netcracker, is used. We are made up of various group companies. This notice provides you with key information about how the Netcracker company you are applying to will use your Data.

 

  1. Definitions to help you understand this Privacy Notice

 

Defined Term

Meaning

Data

Any Personal Data, and where relevant, any Special Categories of Personal Data.

Personal Data

Any information about Employees, who can either be directly identified from the data or indirectly identified if that information was connected with other information.

Processing

Any handling of an Employee’s Personal Data including (but not limited to) the collection, storage, organising, use and destruction of that data. 

Special Categories of Personal Data

Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership; genetic data or biometric data; and data concerning health or sex life and sexual orientation.

 

  1. The kind of information we hold about you

In connection with your application, we will collect and store Data that is contained in;

  • your CV;
  • your covering letter;
  • your on-line application through Greenhouse; and
  • any information you provide to us during an interview.

We may also collect, store and use the following Special Categories of Data, including

  • information about your race, ethnicity, religious beliefs, sexual orientation or political opinions; and
  • information about your health, including any medical condition, health and sickness records.
  1. How is your Data collected?

We may collect Data directly from you but also from any appointed background check provider or credit reference agency, your named referees and certain publically accessible Data sources (for example from LinkedIn).

  1. How do we use your Data?

We will use the Data we collect about you to:

  • assess your skills, qualifications, and suitability for the applicable role;
  • carry out background and reference checks, where applicable;
  • communicate with you about the recruitment process; and
  • keep records related to our hiring processes.

We have a legitimate interest in Processing your Data to make sound, fair and justifiable recruitment decisions, to benefit the Netcracker business.

  1. How do we use Special Categories of Personal Data?

We will use your Special Categories of Personal Data in the following ways:

  • We will use information about your disability status to consider whether we need to provide appropriate adjustments during the recruitment process; and
  • We will use information about your race or national or ethnic origin, religious, philosophical or moral beliefs, or your sexual life or sexual orientation, to ensure meaningful equal opportunity monitoring and reporting.

The above Processing is being conducted for the purposes of carrying out obligations and exercising rights in the field of employment law.

  1. What happens if you don’t provide any relevant Data?

If you fail to provide any Data when requested (following the initial Data you are submitting on this site), we will not be able to evaluate your application and therefore process your application further.

  1. Automated decision-making

You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making.

  1. Why might we share your Data?

Your Data may be shared with the following third parties for the purposes of processing your application:

  • Other companies within the Netcracker group of companies, which are based in the United States. If you are applying to us from the EU, the internal transfer of Data to the United States of America will be subject to appropriate additional safeguards, such as the privacy shield, or the EU Standard Contractual Clauses.
  • Greenhouse Software, Inc, a cloud based services provider located in the United States of America and engaged to help Netcracker manage the recruitment and hiring process. The transfer will be subject to appropriate additional safeguards under the privacy shield.
  • Certain third-party organisations that Netcracker will engage to help evaluate your application, who are located both inside and outside of the EEA.
  1. For how long will we use your Data?

If your application is unsuccessful, unless we have a legitimate reason for retaining the Data for longer, we will retain only limited aspects of your Data for a period of two years after we have communicated our decision to you. We may also retain your application so we can consider you for future roles, if this is acceptable to you. After these periods, we will securely destroy your Data.

If your application is successful, we may retain any relevant Data that you have provided as part of the application process in the Greenhouse applicant tracking system and/or your personnel file. The remaining information shall be securely destroyed.

  1. What rights do you have in connection with your Data?

Under certain circumstances, by law you have the right to:

  • Request access to your Data (commonly known as a "data subject access request"). This enables you to receive a copy of the Data we hold about you and to check that we are lawfully Processing it.
  • Request correction of the Data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your Data. This enables you to ask us to delete or remove Data where there is no good reason for us continuing to Process it. You also have the right to ask us to delete or remove your Data where you have exercised your right to object to processing (see below).
  • Object to Processing of your Data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your Data for direct marketing purposes.
  • Request the restriction of Processing of your Data. This enables you to ask us to suspend the processing of Data about you, for example if you want us to establish its accuracy or the reason for processing it.
  • Request the transfer of your Data to another party. 

If you have any questions about this privacy notice, please contact Privacy@Netcracker.com. You have the right to make a complaint in relation to how your data is used at any time to the supervisory authority in the country you are resident in, where you work, or where the alleged infringement of your data rights took place.