Responsive Navbar

Penetration Testers

Job Description

Roles & Responsibilities

Job Title: Mid-Level - Penetration Tester

Job Summary

A Mid-Level Penetration Tester is responsible for conducting advanced security assessments, simulating cyberattacks, and identifying vulnerabilities in applications, networks, and systems. This role requires a deeper technical expertise and the ability to independently execute penetration tests. The ideal candidate will possess a strong understanding of security principles and practices, along with hands-on experience in penetration testing and ethical hacking. The Mid-Level Penetration Tester will play a crucial role in enhancing the security posture of the organization by identifying weaknesses and providing actionable recommendations for remediation.

Key Responsibilities

  • Perform penetration testing on web applications, APIs, cloud environments, and networks to identify vulnerabilities.
  • Exploit identified vulnerabilities and provide detailed remediation recommendations to mitigate risks.
  • Develop scripts and automation tools to enhance the efficiency of security testing processes.
  • Conduct ongoing security research to stay updated with emerging threats and vulnerabilities in the cybersecurity landscape.
  • Prepare detailed security reports tailored for both technical and non-technical audiences, summarizing findings and recommendations.
  • Collaborate with developers and IT teams to improve security postures and ensure secure coding practices are followed.

Skills and Knowledge Required

  • Strong knowledge of web application security, including OWASP Top 10 vulnerabilities such as SSRF, SQL Injection, and XSS.
  • Proficiency in network security and cloud security, with experience in platforms such as AWS, Azure, and GCP.
  • Experience with exploit development and advanced red teaming techniques.
  • Hands-on experience with penetration testing tools and frameworks, including Kali Linux, Cobalt Strike, Burp Suite Pro, Wireshark, Metasploit, and Nmap.
  • Proficiency in scripting and programming languages such as Python, Bash, PowerShell, and JavaScript.
  • Strong understanding of security compliance frameworks, including ISO 27001, NIST, and PCI-DSS.

Educational Qualifications

  • Bachelor’s degree in Cybersecurity, Computer Science, or a related field.
  • Preferred certifications include OSCP (Offensive Security Certified Professional), CISSP, and GPEN (GIAC Penetration Tester).

Key Focus Areas:

  • Web and network penetration testing.
  • Secure code review.
  • API and cloud security testing.
  • Red teaming exercises.

Experience

  • 3–5 years of experience in penetration testing, ethical hacking, or cybersecurity.

Tools and Equipment

  • Kali Linux, Cobalt Strike, Burp Suite Pro, Wireshark, Metasploit, Nmap.
  • SAST/DAST tools such as SonarQube and Veracode.
  • Security testing frameworks including OWASP ZAP and Nikto.

Other Requirements

  • Ability to lead small security testing projects and coordinate with team members.
  • Strong documentation and reporting skills to effectively communicate findings.
  • Experience working with security operations teams to implement security measures.
Job Detail
  • Work Type: Full Time
  • Languages to be known :
  • Country: United Arab Emirates
  • City: Dubai
  • Job Category : Information Technology