Red Team & Security Assessment Specialist

Job Title: Red Team & Security Assessment Specialist Penetration Testing, Adversary Simulations
Location: United Arab Emirates
Experience: 7+ Years
Job Type: Long-Term | On-site
Department: Offensive Security / Cyber Defense

---

Job Summary:

We are seeking a skilled and experienced Red Team & Security Assessment Specialist to conduct advanced penetration testing, adversary simulations, and security assessments across enterprise networks, applications, and cloud infrastructure. The ideal candidate will emulate real-world attack scenarios to uncover vulnerabilities, evaluate defense mechanisms, and work with stakeholders to mitigate security gaps.

---

Key Responsibilities:

Lead and execute advanced red team operations, simulating real-world threat actor tactics (TTPs) based on MITRE ATT&CK framework.

Perform penetration testing across web applications, internal/external networks, APIs, cloud platforms (AWS, Azure, GCP), and mobile environments.

Conduct social engineering exercises, phishing simulations, and physical security assessments where applicable.

Identify and exploit vulnerabilities using both commercial and open-source tools (e.g., Cobalt Strike, Metasploit, Burp Suite, BloodHound, Nmap).

Develop custom exploit scripts, payloads, or post-exploitation tools to support red teaming engagements.

Deliver detailed reports, risk ratings, and remediation guidance to technical and executive stakeholders.

Collaborate with blue team/SOC to strengthen detection and response capabilities and assist in purple team exercises.

Stay current with emerging threats, vulnerabilities, and offensive security techniques; contribute to the continuous improvement of testing methodologies.

Support security audits and regulatory requirements by providing evidence of threat simulation and assessment activities.

---

Required Skills & Qualifications:

Bachelor s or Master s degree in Cybersecurity, Computer Science, or a related technical field.

Minimum of 7 years experience in ethical hacking, red teaming, or offensive security roles.

Proficiency in penetration testing methodologies (OWASP, PTES, NIST SP 800-115) and exploit frameworks.

Strong understanding of network protocols, operating system internals (Windows, Linux), and cloud environments.

Hands-on experience with scripting and automation (Python, Bash, PowerShell) to develop custom tools.

Familiarity with Active Directory attacks, lateral movement, persistence techniques, and privilege escalation.

Certifications preferred: OSCP, OSCE, CRTP, CRTO, GPEN, GXPN, or equivalent.

Strong analytical, documentation, and communication skills with the ability to deliver technical and executive-level reports.

---

Nice to Have:

Experience with purple team engagements, threat emulation planning, and red vs. blue assessments.

Knowledge of threat intelligence integration in red team planning.

Familiarity with Evasion techniques (e.g., bypassing EDR/XDR).

Experience in cloud-specific attacks and misconfiguration exploitation in AWS, Azure, or GCP.

Disclaimer: Naukrigulf.com is only a platform to bring jobseekers & employers together. Applicants are advised to research the bonafides of the prospective employer independently. We do NOT endorse any requests for money payments and strictly advice against sharing personal or bank related information. We also recommend you visit Security Advice for more information. If you suspect any fraud or malpractice, email us at abuse@naukrigulf.com