About the Role
We are seeking a skilled and experienced Penetration Tester for a client of ours in Oman. The ideal candidate will have proven expertise in identifying, exploiting, and reporting security vulnerabilities across diverse IT environments, applications, mobile apps, complex network infrastructure, telecom networks etc. With an OSCP certification, the candidate will be expected to bring hands-on technical proficiency in ethical hacking, vulnerability assessment, and penetration testing methodologies to safeguard our organization’s digital assets.
Key Responsibilities
Conduct Comprehensive Penetration Tests: Execute penetration testing across network infrastructure, web applications, APIs, and mobile platforms, identifying security weaknesses and vulnerabilities.
Vulnerability Assessment: Perform detailed vulnerability assessments, analyze risk levels, and recommend mitigation steps to enhance security posture.
Exploit Development and Attack Simulation: Simulate real-world cyberattacks by exploiting discovered vulnerabilities, providing a comprehensive understanding of potential impacts.
Reporting and Documentation: Prepare detailed, high-quality reports of penetration test findings, including a summary of risks, potential impacts, and recommended solutions for various stakeholders.
Collaboration and Knowledge Transfer: Work closely with IT and security teams to remediate vulnerabilities, share insights, and provide guidance on secure development and operational practices.
Security Tool Management: Utilize and manage penetration testing tools such as Metasploit, Burp Suite, Nmap, Nessus, and others.
Required Qualifications
Certification: OSCP (Offensive Security Certified Professional) is mandatory.
Education: Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent work experience).
Experience: Minimum 2-4 years of experience in penetration testing, ethical hacking, or a related cybersecurity role.
Skills and Competencies
Technical Proficiency: Strong understanding of network protocols, application security, and common vulnerabilities (e.g., OWASP Top 10).
Hands-on Expertise: Proficiency with penetration testing tools such as Metasploit, Burp Suite, Kali Linux, Wireshark, Nmap, and others.
Analytical and Problem-Solving Skills: Ability to analyze complex security issues, find effective solutions, and communicate findings to non-technical stakeholders.
Scripting Knowledge: Experience with scripting languages (Python, PowerShell, Bash) to develop custom tools or automate testing procedures.
Communication Skills: Excellent written and verbal communication skills for documenting findings and engaging with stakeholders.
Preferred Qualifications
Additional Certifications: CEH (Certified Ethical Hacker), OSCE (Offensive Security Certified Expert), or similar advanced certifications.
Language Skills: Proficiency in Arabic is a plus but not mandatory.
Experience in Middle Eastern Markets: Previous experience working in the Middle East is beneficial but not required.
Benefits
Excellent salary and benefits package.
Opportunities for career advancement within a growing cybersecurity team.