Penetration Tester Specialist
Jeddah, Makkah Province, Saudi Arabia · Full Time
- Experience: 2+ yrs
- Salary: —
- Openings: 1
- Posted: 12 hours ago
- Work mode: In office
- Education: Bachelor's degree
- Eligibility: Saudi nationals with a bachelor’s degree in a relevant field and at least 2 years of experience in penetration testing and secure code review can apply.
- Resume: Required to apply
Job description
Job Summary
This position is for an experienced Penetration Testing and Secure Code Review Specialist to support a major semi-government organization in Jeddah. The role focuses on uncovering security weaknesses, reviewing code for vulnerabilities, and turning findings into practical recommendations that strengthen the organization’s security posture. Strong expertise in offensive security, application security, and secure software development is essential.
Key Responsibilities
- Carry out penetration testing across web, mobile, API, network, and infrastructure environments.
- Review application source code both manually and with automation to identify security flaws in Java, .NET, Python, PHP, JavaScript, and related technologies.
- Assess, verify, and rank vulnerabilities according to their business impact and risk level.
- Produce detailed technical findings and executive-level reports with clear remediation guidance.
- Use standard security tools to run vulnerability assessments.
- Work closely with development teams to fix identified security issues.
- Re-test systems to confirm that remediation has been implemented effectively.
- Support threat modeling exercises and review security architecture.
- Ensure solutions follow secure coding practices and application security standards.
- Contribute to Secure SDLC activities and DevSecOps adoption.
- Create proof-of-concept demonstrations for vulnerabilities when necessary.
- Stay current on new attack methods, threat patterns, and cybersecurity developments.
- Join red team and purple team activities when required.
- Help maintain alignment with cybersecurity frameworks and regulatory obligations.
Requirements
- Bachelor’s degree in Computer Science, Cybersecurity, Information Security, or a related discipline.
- Saudi nationality is mandatory.
- At least 2 years of direct experience in penetration testing and secure code review.
- Solid working knowledge of OWASP Top 10, OWASP ASVS, CWE, CVSS, MITRE ATT&CK, and Secure SDLC concepts.
- Experience testing web applications, mobile apps for Android and iOS, APIs, internal and external networks, and cloud environments.
- Experience reviewing source code in one or more languages such as Java, C#, .NET, Python, PHP, JavaScript, or Go.
- Hands-on familiarity with tools such as Burp Suite Professional, OWASP ZAP, Nmap, Nessus, Metasploit, and Wireshark.
- Exposure to SAST, DAST, and SCA tooling.
- Strong understanding of authentication, authorization, cryptography, and secure coding principles.
- Excellent skills in analysis, documentation, and communication.
Additional Information
This is a full-time onsite position based in Jeddah, Makkah, Saudi Arabia. The opportunity is with SIGMA and is intended for a Saudi national candidate.