Enable job alerts via email!

Security Testing Engineer

Ultimate HR Solutions

Dubai

On-site

AED 200,000 - 300,000

Full time

Today

Be an early applicant

Generate a tailored resume in minutes

Land an interview and earn more. Learn more

Job summary

A leading HR solutions provider is hiring a Security Engineer based in Dubai. The role encompasses Application Infra and API Vulnerability Assessment & Penetration Testing, alongside leading Advanced Security Programs to mitigate evolving threats. Candidates should possess strong expertise in web, API, and cloud security, with hands-on experience in Secure SDLC practices. Mandatory certifications include OSCP and CEH. This position offers comprehensive benefits as per UAE law.

Benefits

All Mandatory Benefits as per UAE law

Qualifications

5+ years of experience in Application Security Penetration Testing or Offensive Security.
Strong expertise in Web, API, Cloud and Infrastructure Security Testing.
Hands-on experience with Secure SDLC and integrating security into CI/CD pipelines.

Responsibilities

Conduct Vulnerability Assessment & Penetration Testing (VAPT).
Perform manual security testing for web, mobile, cloud and APIs.
Lead Red Team Assessments to simulate real-world cyberattacks.

Skills

Application Security Penetration Testing

Web Security Testing

API Security Testing

Cloud Security Testing

Scripting skills (Python, Bash, PowerShell)

Tools

BurpSuite

ZAP

Metasploit

Nmap

SQLmap

Wireshark

Role Overview

We are looking for a Security Engineer who will be responsible for Application Infra and API Vulnerability Assessment & Penetration Testing (VAPT) for:

Existing applications
New applications
Each sprint cycle

Beyond VAPT, this role will also be responsible for initiating and executing Advanced Security Programs (ASP) ensuring we stay ahead of evolving threats.

Key Responsibilities

Vulnerability Assessment & Penetration Testing (VAPT)
Perform manual security testing for web, mobile, cloud and APIs.
Identify business logic flaws, API abuse scenarios and complex attack vectors missed by automated tools.
Conduct AWS security assessments and cloud penetration testing for our environments.
Integrate VAPT testing into the CI/CD pipeline to ensure security at every development stage.
Develop and maintain internal security playbooks and checklists for security testing.

Advanced Security Programs (ASP)

Lead Red Team Assessments to simulate real-world cyberattacks on our systems.
Enhance Blue Team security monitoring & detection strategies.
Organize Purple Team exercises ensuring collaboration between offensive and defensive security teams.
Develop and implement Emerging Threat Frameworks (ETFs) to proactively mitigate evolving threats.

Security Compliance & Best Practices

Work with Development, DevSecOps and IT Teams to remediate vulnerabilities and harden application security.
Conduct code reviews and threat modelling for new features and applications.
Stay updated with the latest vulnerabilities, exploits and security trends ensuring proactive risk mitigation.

Requirements Key Skills & Experience

58 years of experience in Application Security Penetration Testing or Offensive Security.
Strong expertise in Web, API, Cloud and Infrastructure Security Testing.
Experience with security tools such as BurpSuite, ZAP, Metasploit, Nmap, SQLmap, Wireshark, etc.
Familiarity with AWS, Azure and GCP security principles and cloud penetration testing methodologies.
Hands-on experience with Secure SDLC (Software Development Lifecycle) and integrating security into CI/CD pipelines.
Scripting skills (Python, Bash or PowerShell) to automate security testing.

Certifications

OSCP (Offensive Security Certified Professional) Mandatory
CEH (Certified Ethical Hacker) Mandatory
AWS Security Specialty Optional
CISSP or GIAC Security Certifications Optional

Benefits

All Mandatory Benefits as per UAE law.

Get your free, confidential resume review.

or drag and drop a PDF, DOC, DOCX, ODT, or PAGES file up to 5MB.

Top cities

Top companies

Popular jobs