{bc}
linkedin

Embedded Offensive Security Engineer

Microminder Cyber Security
Riyadh, KSA
Contract
Senior
Hybrid
1 months ago
Penetration TestingAttack SimulationExternal Attack Surface ManagementActive DirectoryWindows ServerLinux
Free

Job Fit Check

Base Career helps you apply smarter for this job.

?%
Ready to Scan

Key skills for this role

Penetration TestingAttack SimulationExternal Attack Surface Management
Smart Apply

Full Job Posting

About the Engagement

  • Microminder Cyber Security (MCS) is a CREST certified, ISO/IEC 27001 accredited cybersecurity firm operating across the UAE, Saudi Arabia, and the UK.
  • MCS has been engaged by Client Company to deliver an enterprise grade Internal Attack Simulation and External Attack Surface Management (EASM) programme.
  • The successful candidate will be fully embedded within the Client Cyber Security function at the company's Riyadh headquarters, working on site five days per week.

Key Responsibilities

  • Operate, monitor, and triage all alerts generated by the EASM and automated penetration testing platforms on a daily basis.
  • Schedule and execute approved internal attack simulations, including identity/Active Directory attack path testing, lateral movement scenarios, and network segmentation validation.
  • Maintain full audit logs of all simulation activity, generated artefacts, and system access in line with Client governance requirements.
  • Conduct retesting and regression validation following remediation, producing formal closure evidence for each finding.
  • Coordinate with IT, DevOps, infrastructure, and application owners to drive timely remediation of identified vulnerabilities and misconfigurations.
  • Work directly with system and service owners to implement patches, configuration changes, and security hardening measures.
  • Troubleshoot and resolve asset discovery, attribution, and coverage gaps impacting platform visibility or assessment accuracy.
  • Support platform configuration, integrations (EDR, SIEM, CMDB, ITSM), and tuning activities until stable operations are achieved.
  • Manage and continuously refine the EASM platform, including onboarding of approved asset inventories.
  • Monitor and profile externally exposed assets, including open ports, exposed services, expiring certificates, and DNS weaknesses.
  • Identify unknown, orphaned, and shadow IT assets on the external attack surface and drive their inclusion in remediation workflows.
  • Correlate EASM findings with enterprise platforms for integrated remediation tracking.

Required Qualifications and Experience

  • Minimum 4 6 years of hands on offensive security experience, including penetration testing, red team operations, or attack simulation roles.
  • Demonstrable experience deploying, operating, and troubleshooting enterprise grade attack simulation or automated penetration testing platforms.
  • Strong background in systems administration: Windows Server, Active Directory, Linux, and enterprise networking.
  • Hands on experience with identity and AD attack path techniques: credential access, privilege escalation, lateral movement, Kerberoasting, Pass the Hash, and equivalent.
  • Practical knowledge of network segmentation testing, EDR evasion validation, and SIEM detection logic.
  • Experience with External Attack Surface Management platforms and asset discovery methodologies.
  • Ability to produce clear, executive level risk reporting from complex technical findings.
  • Current CREST certification (CRT, CCT, or equivalent) OR OSCP, GPEN, GXPN, or equivalent offensive security qualification.
  • Willingness and ability to work on site in Riyadh, KSA, five days per week.

Highly Desirable

  • Prior experience in a vendor embedded or client site secondment model.
  • Familiarity with GCC or KSA enterprise environments, regulatory expectations (NCA ECC, SAMA CSF), and data sovereignty requirements.
  • Experience with large scale enterprise environments in sectors such as FMCG, food production, logistics, or critical national infrastructure.
  • Knowledge of MITRE ATT&CK, TIBER EU, or CBEST red team frameworks.
  • Arabic language skills (professional working proficiency or above).
  • Experience with integration of security platforms into CMDB, SIEM (e.g., Splunk, Microsoft Sentinel), EDR (e.g., CrowdStrike, Microsoft Defender), and ITSM (e.g., ServiceNow).

Employment and Engagement Terms

  • Compensation: Competitive, commensurate with experience and GCC market benchmarks.
  • Benefits: As per MCS standard employment terms for KSA based roles.
  • Location: Client Company HQ, Riyadh, KSA. Candidates must be willing to relocate or currently be based in KSA.
  • Visa and Sponsorship: MCS will facilitate KSA work authorisation where applicable.

Apply for this job in 1 click

Skip the repetitive application forms

Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.

Sarah M.James T.Maya R.

Trusted by over 500,000 job seekers on Base Career

Start Free Today