Job Overview
We are seeking a highly skilled Vulnerability Assessment & Penetration Testing (VAPT) Specialist to join our cybersecurity team in Riyadh, Saudi Arabia. The ideal candidate will have 3+ years of hands-on experience in performing penetration testing, security assessments, and exploit development across web applications, networks, cloud environments, and enterprise systems.
As part of the offensive security team, you will play a critical role in identifying, analyzing, and mitigating security vulnerabilities in our IT infrastructure. You will also be responsible for ensuring compliance with SAMA, NCA, ISO 27001, and other regulatory standards.
If you are passionate about ethical hacking, security research, and helping organizations improve their cyber resilience, this role is for you!
Key Responsibilities
· Conduct Vulnerability Assessments & Penetration Testing (VAPT) on:
· Web applications, APIs, and mobile applications
· Network infrastructure (internal/external)
· Cloud environments (AWS, Azure, GCP)
· Active Directory & Privileged Access Systems
· Simulate real-world cyber threats using red teaming techniques and adversary emulation (MITRE ATT&CK-based).
· Analyze and exploit vulnerabilities to demonstrate business impact and security risks.
· Develop proof-of-concept (PoC) exploits for identified vulnerabilities.
· Generate detailed security assessment reports with actionable recommendations for remediation.
· Ensure compliance with SAMA, NCA, ISO 27001, and PCI DSS cybersecurity frameworks.
· Collaborate with blue teams and security engineers to improve detection and response strategies.
· Stay updated on the latest cybersecurity threats, zero-day vulnerabilities, and hacking techniques.
Qualifications & Skills Required
· 3+ years of hands-on experience in penetration testing & vulnerability assessments.
· Strong knowledge of penetration testing tools (Burp Suite, Metasploit, Nmap, Nessus, Kali Linux, etc.).
· Familiarity with scripting and exploit development (Python, Bash, PowerShell).
· Experience with Active Directory security, privilege escalation, and lateral movement techniques.
· Knowledge of cloud security assessments (AWS, Azure, GCP).
· Ability to generate clear, professional security reports and communicate findings effectively.
· Understanding of compliance frameworks (SAMA, NCA, ISO 27001, PCI DSS).
· OSCP certification is highly preferable; other relevant certifications (CEH, GPEN, CISSP) are a plus.
· Fluent in Arabic and English (written & spoken).
Preferred Certification: OSCP (Offensive Security Certified Professional)
Are you passionate about travel and love helping others plan their dream vacations? We're looking for motivated individuals to join our team as Remote Travel Agents! No experience is required - we provide full training on everything you need to know. As an independent contractor...
...your market Support colleagues with the execution of projects mandated by clients taking... ...a lead role in defining and executing search strategies Identify, approach and... ...clients include FTSE listed and Fortune 500 companies across all sectors/industries; SMEs,...
...Life and Health Insurance Agent Company: GIA Legacy Planning Location: Remote Position/Work from Home Job Type: Full-Time | Part-Time | Commission-Based Position Overview: We are looking for motivated Life and Health Insurance Agents who are interested...
...The Training Coordinator at Unified Defense will organize and track training across departments, from welders to quality techs to forklift operators. You wont be the one doing the hands-on training but youll be the one making sure it happens smoothly and effectively...
**Job Description**This Remote Water/Wastewater Treatment Operator is responsible for maintaining and repairing equipment, building structures and facilities. This position is responsible for the safe and efficient daily operation of the potable water and the wastewater...