
Penetration Testing & Secure Code Review Specialist

Sigma

Jeddah, Makkah Province, Saudi Arabia · Full-time

Experience: 4+ years
Salary:
Vacancies: 1
Posted: 6 hours ago
Work mode: On-site
Education: Bachelor's degree
Qualifications: Saudi nationals with a bachelor’s degree and at least 4 years of relevant hands-on experience in penetration testing and secure code review.
Resume: Required to apply

Job Description

Role Overview

This position is for a Penetration Testing & Secure Code Review Specialist to support a semi-government organization in Jeddah. The role focuses on finding security weaknesses, reviewing application source code for flaws, and recommending practical fixes that strengthen the overall security environment.

Key Duties

  • Run penetration tests across web, mobile, API, network, and infrastructure environments.
  • Review application source code both manually and with automated techniques, covering technologies such as Java, .NET, Python, PHP, JavaScript, and related stacks.
  • Discover, verify, and rank vulnerabilities according to their business impact.
  • Write detailed technical findings and executive-level summaries, including clear remediation guidance.
  • Use standard security tools to perform vulnerability assessments and related checks.
  • Work with development teams to correct security issues and improve code quality.
  • Re-test fixes to confirm that vulnerabilities have been properly addressed.
  • Carry out threat modeling and review security architecture when needed.
  • Ensure applications follow secure coding practices and established security standards.
  • Contribute to Secure SDLC and DevSecOps initiatives.
  • Create proof-of-concept demonstrations for vulnerabilities when required.
  • Stay informed about new attack methods, threats, and cybersecurity trends.
  • Take part in Red Team and Purple Team activities as needed.
  • Help align work with cybersecurity frameworks and regulatory requirements.

Required Background

  • A bachelor’s degree in Computer Science, Cybersecurity, Information Security, or a similar discipline is required.
  • Candidates must be Saudi nationals.
  • At least 4 years of practical experience in penetration testing and secure code review is required.
  • Strong working knowledge of OWASP Top 10, OWASP ASVS, CWE, CVSS, MITRE ATT&CK, and Secure SDLC.
  • Experience testing web applications, mobile apps for Android and iOS, APIs, internal and external networks, and cloud environments.
  • Ability to assess source code in one or more languages such as Java, C#, .NET, Python, PHP, JavaScript, or Go.
  • Hands-on familiarity with tools such as Burp Suite Professional, OWASP ZAP, Nmap, Nessus, Metasploit, Wireshark, and SAST/DAST/SCA solutions.
  • Solid understanding of authentication, authorization, cryptography, and secure development principles.
  • Strong analytical ability, documentation skills, and communication skills.

Additional Information

This is a full-time onsite role based in Jeddah, Saudi Arabia, and the client is a semi-government entity.

Eligibility

Only Saudi nationals who meet the experience and technical requirements should apply.
