Enable job alerts via email!
Mới Penetration Tester (PT) - Relocate to Dubai, UAE
VIRTUAL SECURITY LAB CYBER RISK MANAGEMENT SERVICES L.L.C
Dubai
Hybrid
AED 120,000 - 200,000
Full time
Job summary
A cybersecurity firm in Dubai is seeking a skilled Penetration Tester to identify security vulnerabilities through simulated cyberattacks. The ideal candidate will perform extensive testing across cloud and on-premises environments, provide detailed reporting on vulnerabilities, and support DevSecOps initiatives. Strong knowledge of tools such as Burp Suite and a background in security testing are essential for this role.
Qualifications
- Experience in security testing across various platforms including cloud and on-premises.
- Proficiency in application security testing based on industry standards such as OWASP.
- Ability to conduct comprehensive reports on vulnerabilities and remediation.
Responsibilities
- Simulate cyberattacks to identify vulnerabilities in systems and applications.
- Conduct assessments of cloud infrastructures such as AWS and Azure.
- Prepare detailed reports and present findings to stakeholders.
Skills
Tools
Job description
The Penetration Tester is responsible for simulating cyberattacks to identify security vulnerabilities across systems, applications, networks, and devices. The role involves recommending remediation measures to strengthen security defenses and mitigate risks.
2. Key Responsibilities
System & Network Security Testing
• Perform vulnerability assessments on systems, including Windows, Linux, Cloud, and Kubernetes environments.
• Conduct internal network penetration tests targeting VPN, firewalls, IDS/IPS, and other network components.
• Assess and exploit security weaknesses in cloud infrastructure (AWS, Azure, GCP).
Application Security Testing (Web, Mobile, API, Thick Client)
• Test for vulnerabilities based on OWASP Top 10, API Security Top 10, and Mobile Top 10 standards.
• Evaluate application security across Android, iOS, Windows, macOS, and Linux platforms.
• Test RESTful APIs, GraphQL, and SOAP APIs using tools such as Burp Suite, Postman, ZAP, and mitmproxy.
Advanced Penetration Testing
• Perform Red Team operations and adversary simulations to emulate real-world attack scenarios.
• Leverage advanced attack techniques, including privilege escalation, lateral movement, and evasion tactics.
• Conduct Active Directory (AD) security assessments.
• Execute social engineering campaigns, including phishing, vishing, and smishing.
Analysis & Reporting
• Prepare detailed technical reports outlining vulnerabilities and recommended remediation actions.
• Present findings to clients, developers, and stakeholders.
• Support DevSecOps initiatives by integrating security testing into the CI/CD pipeline.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
Follow us
