Senior Offensive Security Consultant

At IBM, we believe cybersecurity is at the core of our clients' digital transformation journeys. Our Penetration Testing team is committed to proactively identifying and mitigating security risks in both on-premises and cloud-based environments. We’re looking for a highly skilled Penetration Tester to join our team, who will use their expertise to simulate cyberattacks, assess vulnerabilities, and enhance the overall security posture of our clients.

Your role and responsibilities

We are seeking a Senior Offensive Security Consultant to join our cybersecurity services team. If you are passionate about offensive security, thrive in red teaming scenarios, and have a proven track record in vulnerability research or bug bounties, we’d love to hear from you!

• Lead and execute advanced security testing and red teaming engagements to simulate real-world adversary tactics.
• Develop, test, and deploy offensive tools and techniques.
• Collaborate with blue teams to identify and strengthen weaknesses across systems and applications.
• Conduct adversary emulation and threat modeling to improve detection and response capabilities.
• Research and stay ahead of emerging threats, vulnerabilities, and attack vectors.
• Deliver comprehensive reports and presentations in both English and Arabic to clients and internal stakeholders.

Required technical and professional expertise

• Proficient in penetration testing methodologies (OWASP, NIST, PTES), network security protocols, and a deep understanding of web application security and network vulnerabilities.
• Familiar with penetration testing tools such as Burp Suite, Metasploit, Nessus, Nmap, Wireshark, and others.
• Experience with scripting languages (e.g., Python, Bash, PowerShell, or Ruby) to automate tasks or develop custom exploits.
• Ability to identify and exploit vulnerabilities across different platforms and services (e.g., Windows, Linux, macOS, Web Applications, Cloud).
• Ability to prioritize vulnerabilities based on risk to business operations and present findings to both technical and non-technical stakeholders.
• Industry-recognized certifications such as OSCP, CEH, or GPEN are highly desirable.
• Strong communication skills to clearly articulate technical issues and findings to diverse audiences, including executives, IT teams, and developers.

Required qualifications

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field, or equivalent work experience.
• 3+ years of professional experience in penetration testing, ethical hacking, or cybersecurity assessments.
• Hands-on experience with attack techniques, threat modeling, and vulnerability assessment tools.

Preferred technical and professional experience

Details to be collaboratively developed by hiring manager and recruiter.

Additional information

IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. We adhere to all fair employment practices regarding citizenship and immigration status.