Sr. Security Engineer

As a Security Engineer specializing in Application Security and Penetration Testing, you will be responsible
for ensuring the security of YAP Pakistan’s cloud-native platforms and microservices-based applications.
The role involves performing penetration tests, identifying vulnerabilities, and implementing robust
security controls across modern tech stacks and cloud environments.
You will assess application security, review code, RFCs and architecture, and respond to security findings
to protect sensitive data and maintain platform integrity. Collaboration with IT, DevOps, product, and
compliance teams is essential to embed security best practices throughout the software development
lifecycle and align with industry standards and regulatory requirements.

Key Responsibilities:

• Conduct penetration testing and vulnerability assessments on web, mobile, and API-based
  applications deployed in cloud and microservice environments.
• Analyze, automate and remediate application security issues, including code review, threat modeling,
  and secure design validation.
• Work with compliance and product teams to ensure application security controls meet regulatory and
  industry standards.
• Implement and manage security tools such as SAST, DAST, and container security solutions to protect
  cloud-native applications.
• Collaborate with external security testers and auditors during third-party assessments or coordinated
  testing exercises.
• Develop and maintain secure coding guidelines, application security policies, and incident response
  procedures for application-layer threats.
• Deliver training and awareness sessions for development and engineering teams on secure coding,
  application security risks, and emerging threats.

Qualifications:

• Minimum of 2 years of experience in hands-on Cybersecurity and risk management, ideally in digital
  banking or fintech.
• Fundamental understanding and hands-on with at least one programming/scripting language.
• Strong knowledge of threat detection systems, tools, and industry practices.
• Excellent analytical, investigative, and communication skills.
• Experience collaborating with cross-functional teams and providing technical guidance.

What We Offer:

• Competitive salary and benefits package.
• Opportunities for professional growth and advancement.
• A dynamic, innovative, and inclusive work environment.
• Exposure to cutting-edge technology in the fintech sector

Why Join YAP Pakistan?

• Be part of a high-impact fintech company driving digital innovation in Pakistan’s financial ecosystem.
• Work in a collaborative, forward-thinking environment with opportunities for growth and leadership.
• Competitive compensation package including health insurance, performance bonuses, and
  professional development.

How to Apply

To be considered for this role, please send your resume to career@yappakistan.com with the subject line:

“Application for Security Engineer”