Job Description

Key Responsibilities

Conduct advanced penetration tests for web applications, APIs, networks, and infrastructure systems. Perform vulnerability scanning, assessment, and exploitation using industry-standard tools. Conduct in-depth security assessments to identify weaknesses in applications and infrastructure. Prepare detailed technical reports and executive-level summaries. Collaborate with development, IT, and infrastructure teams to remediate identified issues. Design and maintain test cases, scripts, and security toolsets. Develop and improve internal security testing methodologies and best practices. Ensure compliance with security policies, frameworks, and regulatory requirements. Provide security recommendations and enhancements to strengthen overall security posture.

Basic Requirements

5 or more years of experience in Application Security & Infrastructure Security VAPT. Bachelor's degree or above in Computer Science, Information Security, or a related field. Relevant certifications such as OSCP, CEH, CISSP, CISA, CRTP, GWAPT, GMOB, or GIAC are preferred. Strong knowledge of Web , Mobile & AI Application Security (OWASP Top 10), Secure Code Review, API Security, Cloud Security (AWS, Azure, GCP), and Infrastructure Security. Experience with security tools such as Burp Suite, SonarQube, Fortify, Metasploit, Nessus, Qualys, Nmap, Acunetix, ZAP, and Kali Linux. Understanding of data protection regulations (UAE- IA, ISO 27001, NIST, PCI-DSS, etc.). Strong technical writing and documentation skills. Scripting experience in Python or Bash.

Preferred Qualifications

Relevant certifications such as OSCP, OSWE, CEH, or experience in Red Team operations. * Experience performing security testing in cloud environments (AWS / Azure).