Security Testing Engineer
نُشرت في :
14-04-2025
صاحب العمل نشط
1 وظيفة شاغرة
حالة تأهب وظيفة
سيتم تحديثك بأحدث تنبيهات الوظائف عبر البريد الإلكترونيValid email field required
أرسل الوظائف
شارك هذه الوظيفة
أرسل لي وظائف مشابهة
حالة تأهب وظيفة
سيتم تحديثك بأحدث تنبيهات الوظائف عبر البريد الإلكترونيValid email field required
أرسل الوظائف
الوصف الوظيفي
Role Overview
We are looking for a Security Engineer who will be responsible for Application Infra and API Vulnerability Assessment & Penetration Testing (VAPT) for:
Existing applications
New applications
Each sprint cycle
Beyond VAPT this role will also be responsible for initiating and executing Advanced Security Programs (ASP) ensuring we stay ahead of evolving threats.
Key Responsibilities:
Vulnerability Assessment & Penetration Testing (VAPT)
Perform manual security testing for web mobile cloud and APIs.
Identify business logic flaws API abuse scenarios and complex attack vectors missed by automated tools.
Conduct AWS security assessments and cloud penetration testing for our environments.
Integrate VAPT testing into the CI/CD pipeline to ensure security at every development stage.
Develop and maintain internal security playbooks and checklists for security testing.
Advanced Security Programs (ASP)
Lead Red Team Assessments to simulate realworld cyberattacks on our systems.
Enhance Blue Team security monitoring & detection strategies.
Organize Purple Team exercises ensuring collaboration between offensive and defensive security teams.
Develop and implement Emerging Threat Frameworks (ETFs) to proactively mitigate evolving threats.
Security Compliance & Best Practices
Work with Development DevSecOps and IT Teams to remediate vulnerabilities and harden application security.
Conduct code reviews and threat modelling for new features and applications.
Stay updated with the latest vulnerabilities exploits and security trends ensuring proactive risk mitigation.
Requirements
Key Skills & Experience:
58 years of experience in Application Security Penetration Testing or Offensive Security.
Strong expertise in Web API Cloud and Infrastructure Security Testing.
Experience with security tools such as BurpSuite ZAP Metasploit Nmap SQLmap Wireshark etc.
Familiarity with AWS Azure and GCP security principles and cloud penetration testing methodologies.
Handson experience with Secure SDLC (Software Development Lifecycle) and integrating security into CI/CD pipelines.
Scripting skills (Python Bash or PowerShell) to automate security testing.
Certifications:
OSCP (Offensive Security Certified Professional) Mandatory
CEH (Certified Ethical Hacker) Mandatory
AWS Security Specialty Optional
CISSP or GIAC Security Certifications Optional
Benefits
All Mandatory Benefits as per UAE law
نوع التوظيف
دوام كامل
المهارات المطلوبة
الإبلاغ عن هذه الوظيفة
إخلاء المسؤولية: د.جوب هو مجرد منصة تربط بين الباحثين عن عمل وأصحاب العمل. ننصح المتقدمين بإجراء بحث مستقل خاص بهم في أوراق اعتماد صاحب العمل المحتمل.
نحن نحرص على ألا يتم طلب أي مدفوعات مالية من قبل عملائنا، وبالتالي فإننا ننصح بعدم مشاركة أي معلومات شخصية أو متعلقة بالحسابات المصرفية مع أي طرف ثالث. إذا كنت تشك في وقوع أي احتيال أو سوء تصرف، فيرجى التواصل معنا من خلال تعبئة النموذج الموجود على الصفحة اتصل بنا
