Information Security Engineer - VAPT

tabbyRiyadh, KSA2 weeks agoSenior

Via NaukriGulf·

About This Role

We are thrilled to announce an opportunity for a skilled Information Security Engineer to join our team and play a role in enhancing our security measures by utilizing your abilities and deep knowledge of information security methodologies. Paying attention to details and efficiently solving problems will be crucial in ensuring the safety of Tabby s systems.

The role you will be involved in both operations and important implementation projects contributing to the growth and maintenance of our technology infrastructure. If you have a passion for cybersecurity, possess technical skills and aspire to make a significant impact we strongly encourage you to apply and become an essential part of our dedicated cybersecurity team.

Penetration Testing: Perform Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST) for Web, Mobile, and API applications. Plan and conduct Infrastructure Vulnerability Assessment and Penetration Testing of systems, switches, servers, and more.
Adversary Simulation (Red Teaming): Participate in sophisticated Red Team
engagements, emulating real-world threat actor Tactics, Techniques, and Procedures (TTPs) to assess the detection and response capabilities of the Blue Team/SOC.
Vulnerability & Application Security Analysis: Conduct both Dynamic (DAST) and Static (SAST) Application Security Testing, and perform systematic vulnerability assessments using automated tools combined with meticulous manual verification.
Report Development: Produce actionable, high-quality assessment reports that clearly articulate technical findings, business risk, and remediation strategies for both technical implementers and non-technical executives.
Control Evasion & Social Engineering: Conduct controlled offensive testing, including Breach & Attack Simulations (BAS) and targeted phishing campaigns, to assess the resilience and bypassability of technical and human controls.
Tool Development & Reporting: Develop and maintain custom scripts and tools to enhance offensive security capabilities, and produce high-quality, actionable reports detailing discovered threats and validated vulnerabilities on an ongoing basis.
Security Awareness: Experience in conducting phishing simulations and other
awareness exercises to evaluate employee susceptibility to social engineering attacks and provide targeted training to enhance resilience.

Degree in Information Technology, Computer Science, Software Engineering, or related field
Knowledge of Information Technology security issues and approaches to manage
Information Technology security with a fast paced Fintech environment.
Security Qualification Good to have: Offensive Security Certified Professional (OSCP), GIAC Penetration Tester (GPEN), GIAC Web Application Penetration Tester (GWAPT), CREST Registered Penetration Tester (CRT) or equivalent.
Excellent communication, influencing and stakeholder management skills
2-3 Experience of working across teams to deliver solutions and generate high levels of internal buy-in
Experience of working in a culturally diverse environment
Knowledge of online technologies, payment methods, content delivery networks, REST APIs, microservices, and application development.
Programming and scripting understanding (Bash, Python etc.)

Similar Jobs

Information Security Engineer L2

Prospex Development · Riyadh

Mid-Senior

**Role Overview** We are seeking a skilled **Information Security Engineer L2** to support and enhance the organization’s cybersecurity operations. The role focuses on managing security platforms, monitoring threats, res

Scala

Yesterday

Generate Resume ↗

Information Security Engineer L3

Prospex Development · Riyadh

Mid-Senior

**Key Responsibilities** * Conduct advanced penetration testing and comprehensive security assessments across systems, networks, and applications. * Identify, analyze, and remediate vulnerabilities in infrastructure and

Risk Management

Yesterday

Generate Resume ↗

Information Security Engineer L3 ( Saudi National)

Naba Enterprises · الرياض

Senior

Please note that only Saudi Nationals are eligible for this position. Arabic candidates from other nationalities will not be considered. **Key Responsibilities:** Conduct penetration testing and advanced security assessm

Risk ManagementArabic

3 days ago

Generate Resume ↗

Chief Information Security Officer (CISO)

ADI HR & Consulting · Riyadh

Executive

Design and execute cybersecurity strategy, ensure compliance with regulations, lead risk assessments, and promote security awareness while collaborating with stakeholders.

Information Security OfficerChief Security OfficerCybersecurity Manager

3 days ago

Generate Resume ↗

Information security Lead Auditor (Kingdom of Saudi Arabia)

DNV · Jiddah

Senior

**About Us** We are the independent expert in assurance and risk management. Driven by our purpose, to safeguard life, property, and the environment, we empower our customers and their stakeholders with facts and reliabl

Risk ManagementVAT

1 weeks ago

Generate Resume ↗

Information Security Engineer L2

People Dynamics · Riyadh

Senior

Manage and monitor security systems, perform vulnerability assessments, and respond to incidents with strong hands-on experience in cybersecurity tools and certifications.

Cybersecurity SpecialistInformation Security OfficerSecurity Automation

1 weeks ago

Generate Resume ↗

Chief Information Security Officer

Ameera Talent Solutions LTD · Riyadh

Executive

**Role Description** Chief Information Security Officer (CISO) Riyadh, Saudi Arabia \| On\-site SAR 420,000 – 480,000 per Year \+ package Saudi preferred \- Arabic Speaking preferred **Permanent** Ameera Talent Solutions

Arabic

1 weeks ago

Generate Resume ↗

Information security Lead Auditor (Kingdom of Saudi Arabia)

DNV · Jiddah

Senior

Risk ManagementVAT

1 weeks ago

Generate Resume ↗