N

Penetration Tester (Offensive Security Specialist)

Naseej

Riyadh, Riyadh Province, Saudi Arabia · Full Time

Be the first to apply

Experience
3–4 yrs
Salary
Openings
1
Posted
4 days ago
Work mode
In office
Education
Bachelor’s degree
Eligibility
Candidates with a relevant bachelor’s degree and 3–4 years of directly related penetration testing or offensive security experience are suitable to apply. Strong English and Arabic communication skills are expected, and certification in offensive security is an advantage.
Resume
Required to apply

Where you'll work

Job description

Company Overview

Naseej is a long-established technology firm focused on advancing digital transformation in learning and knowledge management. For nearly 36 years, the company has supported customers across the MENA region with solutions that create richer user experiences, reduce technical overhead, and help organizations concentrate on their strategic goals.

Role Summary

The Penetration Tester, also referred to as an Offensive Security Specialist, will carry out authorized simulated attacks on networks, applications, and infrastructure to uncover security gaps before they can be abused by real attackers. The position calls for practical offensive security expertise along with the ability to turn technical results into clear remediation advice.

What You Will Do

  • Design, plan, and run penetration tests across web apps, APIs, mobile apps, networks, and both cloud and on-premises environments.
  • Carry out vulnerability reviews and verify results so that false positives are removed.
  • Use manual exploitation techniques in addition to automated tools to evaluate actual risk.
  • Conduct approved phishing and other social engineering simulations when required.
  • Prepare thorough reports that explain findings, risk levels, business impact, and recommended fixes in priority order.
  • Deliver findings to both technical audiences and non-technical stakeholders in a clear debrief.
  • Re-test vulnerabilities after remediation to confirm they have been properly resolved.
  • Keep up to date with new threats, attack methods, exploit techniques, and security tooling.
  • Contribute to red team activities and work alongside blue team and SOC teams when needed.
  • Operate strictly within the agreed scope, rules of engagement, and relevant regulations.

Required Profile

  • A bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a closely related discipline.
  • 3 to 4 years of direct, hands-on experience in penetration testing or offensive security, with work that is fully relevant to this role.
  • Strong understanding of widely used vulnerability models and frameworks such as OWASP Top 10 and MITRE ATT&CK.
  • Practical experience using tools like Burp Suite, Metasploit, Nmap, Nessus, Kali Linux, and similar utilities.
  • Good knowledge of networking protocols, Windows and Linux operating systems, and web technologies.
  • Ability to script and automate tasks using Python, Bash, or PowerShell.
  • Strong report writing and communication skills in both English and Arabic.
  • Professional certifications such as OSCP, CEH, GPEN, eJPT/eCPPT, or equivalent credentials are preferred.

Core Competencies

  • Sharp analytical thinking and effective problem-solving ability.
  • Careful attention to detail and a disciplined testing approach.
  • Capacity to work independently and manage engagements from start to finish.
  • Familiarity with Saudi regulatory and compliance requirements, including NCA controls, is an added advantage.

Additional Information

This is a full-time, onsite position based in Riyadh, Saudi Arabia. The role is focused on authorized security testing and must always remain within approved scope and compliance requirements.

Leave it if you'd like a reply — we won't use it for anything else.

Click to browse, drag & drop, or paste a screenshot

PNG, JPG, GIF, MP4, WebM, MOV · Max 20MB each · Up to 5 files

🤖
Broxer Assistant
Online · instant AI help
🤖
AI-powered · answers from Broxer Help