Reporting Line
\nMANAGER IAM<\/p>\n
Location
\nTanzania Head Office<\/p>\n
Department
\nCYBERSECURITY UNIT<\/p>\n
Number of openings
\n2<\/p>\n
Job Purpose<\/p>\n
The Applications Security specialist is a key member of the Security Architecture team, reporting to the Enterprise Security Architect. This role is responsible for integrating security into Agile squads and the Software Development Lifecycle (SDLC), Designing Cyber security controls in CRDB Products and services and systems.
\nIt is also responsible with providing assurance towards delivery of such controls by conducting security assessments and threat modelling and ensuring secure coding practices across all software development initiatives.
\nFurthermore, the specialist embeds secure SDLC practices inside product squads, own secure coding guidelines, orchestrate CI\/CD security with SAST, DAST, SCA and act as the primary security SME supporting developers to deliver secure features at speed.<\/p>\n
Principle Responsibilities<\/p>\n
Work closely with Agile development squads to embed security into all stages of the Software Development Lifecycle (SDLC) and support secure-by-design principles in systems and applications.
\nParticipate in application security testing, including threat modeling, vulnerability assessments, and penetration testing of web and mobile applications.
\nContribute to the adoption of secure coding practices and security best practices across the development teams.
\nConduct risk assessments and recommend security controls to mitigate identified risks.
\nParticipate in Development and maintenance of security standards, guidelines, and tools to support secure Agile development.
\nReview source code for security vulnerabilities and offer actionable recommendations to improve application security.
\nWork with Security Champions within squads to strengthen the security posture and promote a culture of security-first development.
\nAssist in the development of secure DevOps pipelines and the implementation of security in CI\/CD pipelines.
\nCollaborate with Security Champions and Software Developers to conduct automated static (SAST) and dynamic (DAST) security testing across development and production environments in the CI\/CD pipeline.
\nEnforce security policies throughout the development process and deployment stages in the CI\/CD pipeline.
\nParticipate in providing training and mentorship on secure development practices to developers and DevOps teams.
\nContribute to incident response and investigations involving application security issues.
\nAssist in evaluating third-party applications and integrations for security risks.<\/p>\n
Qualifications Required<\/p>\n
Bachelor\u2019s degree in computer science, Cyber Security, Software engineering or related academic field.
\nIndustry certifications such as CISSP, CEH, OSCP, or CSSLP are\u00a0a plus.
\nMinimum of 2 years of experience in Cyber Security and Software Development industry.
\nStrong foundation of the required skills and knowledge through projects, programs and related experience.<\/p>\n
Solid understanding of cybersecurity principles, application security, and secure coding standards (e.g., OWASP Top 10).
\nFamiliarity with security frameworks and standards (e.g., NIST, ISO 27001).
\nBasic knowledge of DevSecOps, CI\/CD pipeline security, and cloud platforms.
\nUnderstanding of ICT infrastructure, networks, and application development.
\nAnalytical and problem-solving skills, especially in identifying and mitigating security risks.
\nBasic project management and documentation skills.<\/p>\n
CRDB Commitment<\/p>\n
CRDB Bank is dedicated to upholding Sustainability and ESG practices and encourage applicants who share this commitment. The Bank also promotes an inclusive workplace, hence applications from women and individual with disabilities are encouraged.
\nIt is important to note that CRDB Bank does not charge any fees for the application or recruitment process, and any requests for payment should be disregarded as they do not represent the bank\u2019s practices.
\nOnly Shortlisted Candidates will be Contacted.<\/p>\n
Deadline
\n2026-02-12<\/p>\n
Employment Terms
\nPERMANENT<\/p>\n
Sharing is Caring! Click on the Icons Below and Share<\/p>\n","protected":false},"author":2,"featured_media":0,"template":"","meta":{"_promoted":"","_job_location":"","_application":"https:\/\/careers.crdbbank.co.tz\/jobs","_company_name":"CRDB Bank","_company_website":"","_company_tagline":"","_company_twitter":"","_company_video":"","_filled":0,"_featured":0,"_remote_position":0,"_job_salary":"","_job_salary_currency":"","_job_salary_unit":""},"job_listing_region":[11],"job-categories":[],"job-types":[12],"class_list":{"0":"post-3132","1":"job_listing","2":"type-job_listing","3":"status-expired","4":"hentry","5":"job_listing_region-tanzania","7":"job-type-full-time"},"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/jobs.dataaxisnode.com\/tanzania\/wp-json\/wp\/v2\/job-listings\/3132","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jobs.dataaxisnode.com\/tanzania\/wp-json\/wp\/v2\/job-listings"}],"about":[{"href":"https:\/\/jobs.dataaxisnode.com\/tanzania\/wp-json\/wp\/v2\/types\/job_listing"}],"author":[{"embeddable":true,"href":"https:\/\/jobs.dataaxisnode.com\/tanzania\/wp-json\/wp\/v2\/users\/2"}],"wp:attachment":[{"href":"https:\/\/jobs.dataaxisnode.com\/tanzania\/wp-json\/wp\/v2\/media?parent=3132"}],"wp:term":[{"taxonomy":"job_listing_region","embeddable":true,"href":"https:\/\/jobs.dataaxisnode.com\/tanzania\/wp-json\/wp\/v2\/job_listing_region?post=3132"},{"taxonomy":"job_listing_category","embeddable":true,"href":"https:\/\/jobs.dataaxisnode.com\/tanzania\/wp-json\/wp\/v2\/job-categories?post=3132"},{"taxonomy":"job_listing_type","embeddable":true,"href":"https:\/\/jobs.dataaxisnode.com\/tanzania\/wp-json\/wp\/v2\/job-types?post=3132"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}