Offensive Security Engineer (Vulnerability Management & Penetration Testing)
About This Role
Location: UAE
Experience: 2-3 years
Role Overview:
We are looking for a highly skilled Offensive Security Consultant with strong expertise in both Vulnerability Management and Penetration Testing across enterprise environments. The ideal candidate should have hands-on experience identifying, validating, prioritizing, and supporting remediation of security vulnerabilities across modern infrastructure, applications, and cloud platforms.
Key Responsibilities:
Penetration testing across:
- Web, API & mobile applications
- Internal, external & wireless networks
- Active Directory environments
Vulnerability Management:
- Perform continuous vulnerability assessments using enterprise tools
- Perform risk-based prioritization of findings based on business impact and threat context
- Provide actionable remediation guidance to IT and engineering teams
- Track remediation progress
- Support patch management cycles and security hardening initiatives
Technical Skills Required:
Must Have Certification(s): OSCP
Strong knowledge of:
- OWASP Top 10 for Web, Mobile & API
- Network protocols and infrastructure security
- Active Directory attacks (Kerberos abuse, ACLs, AD CS, etc.)
- Commercial and open-source Vulnerability Management tools such as Tenable, Rapid7 InsightVM, Greenbone OpenVAS
Good understanding of:
- CVSS scoring and risk prioritization
- Patch management and remediation workflows
Soft Skills:
- Strong analytical and problem-solving mindset
- Ability to clearly communicate technical findings to both technical and non-technical stakeholders
- Experience working with cross-functional teams (IT, DevOps, Security)
- Ability to write professional reports and present findings to relevant stakeholders and executives
Nice to Have:
Certifications such as OSWE, CRTP, CRTO
Experience in security assessments of:
- Custom-built and proprietary AI/LLMs
- Cloud environments (AWS/Azure/GCP)
- Containers & Kubernetes environments
Experience working in regulated environments (preferably within UAE) such as DESC's Al Kashif & Al Maha
What You’ll Do Day-to-Day:
- Identify real-world exploitable vulnerabilities (not just scan results)
- Help organizations prioritize what actually matters
- Bridge the gap between offensive security and remediation
- Contribute to improving overall security posture, not just reporting issues