Job Overview
We are seeking a highly skilled Vulnerability Assessment & Penetration Testing (VAPT) Specialist to join our cybersecurity team in Riyadh, Saudi Arabia. The ideal candidate will have 3+ years of hands-on experience in performing penetration testing, security assessments, and exploit development across web applications, networks, cloud environments, and enterprise systems.
As part of the offensive security team, you will play a critical role in identifying, analyzing, and mitigating security vulnerabilities in our IT infrastructure. You will also be responsible for ensuring compliance with SAMA, NCA, ISO 27001, and other regulatory standards.
If you are passionate about ethical hacking, security research, and helping organizations improve their cyber resilience, this role is for you!
Key Responsibilities
· Conduct Vulnerability Assessments & Penetration Testing (VAPT) on:
· Web applications, APIs, and mobile applications
· Network infrastructure (internal/external)
· Cloud environments (AWS, Azure, GCP)
· Active Directory & Privileged Access Systems
· Simulate real-world cyber threats using red teaming techniques and adversary emulation (MITRE ATT&CK-based).
· Analyze and exploit vulnerabilities to demonstrate business impact and security risks.
· Develop proof-of-concept (PoC) exploits for identified vulnerabilities.
· Generate detailed security assessment reports with actionable recommendations for remediation.
· Ensure compliance with SAMA, NCA, ISO 27001, and PCI DSS cybersecurity frameworks.
· Collaborate with blue teams and security engineers to improve detection and response strategies.
· Stay updated on the latest cybersecurity threats, zero-day vulnerabilities, and hacking techniques.
Qualifications & Skills Required
· 3+ years of hands-on experience in penetration testing & vulnerability assessments.
· Strong knowledge of penetration testing tools (Burp Suite, Metasploit, Nmap, Nessus, Kali Linux, etc.).
· Familiarity with scripting and exploit development (Python, Bash, PowerShell).
· Experience with Active Directory security, privilege escalation, and lateral movement techniques.
· Knowledge of cloud security assessments (AWS, Azure, GCP).
· Ability to generate clear, professional security reports and communicate findings effectively.
· Understanding of compliance frameworks (SAMA, NCA, ISO 27001, PCI DSS).
· OSCP certification is highly preferable; other relevant certifications (CEH, GPEN, CISSP) are a plus.
· Fluent in Arabic and English (written & spoken).
Preferred Certification: OSCP (Offensive Security Certified Professional)
...firm-recognized holiday. Duties & Responsibilities Provide a security presence in the lobby of Covington and Burlings office... ...and protected. Read, respond, and resolve staff and employee service requests through email and phone correspondence. Conduct safety...
&##128226; Partner Recruitment | Join Us for Success! &##128226; We are looking for a visionary and results-driven business partner to grow the company together and achieve mutual success!&##128313; Partner Requirements: Fluent in English, Spanish, and Chinese ,...
We are looking for a detail-oriented and efficient Data Entry Clerk to join our team. In this role, you will be responsible for accurately entering and updating data in our systems, ensuring all information is correct, complete, and up to date. If you're organized, fast...
...candidates that have around 10-15 years med device sales experience selling capital equipment, lab equipment, dental (calling on physician offices) running their own territory and have stability and numbers on their resume bachelors degree required for this position...
...terms or conditions of your employment. This form will be used for reporting purposes only and will be kept separate from all other records.... ...including, but not limited to, medical, dental, vision, and federal and state leave programs as required by applicable agency...