Information Security Analyst l (PenTester)
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
Tabby seeks a Cyber Security Analyst (Offensive Security) to support penetration testing, vulnerability assessments, and red team exercises. Requires a bachelor's degree in a related field, basic understanding of vulnerabilities, and foundational knowledge of networking and scripting.
Key Skills for This Role
Responsibilities
- Assist senior engineers in conducting penetration tests across web applications, APIs, and network infrastructure by performing assigned test cases and documenting findings
- Support vulnerability assessments using automated scanning tools (e.g., Nmap, vulnerability scanners) under supervision, and help verify results through basic manual checks
- Participate in Red Team exercises as a supporting team member, learning adversary simulation methodologies and assisting in pre agreed test scenarios
- Help execute controlled offensive testing tasks (e.g., running scripts, setting up test environments, assisting with phishing simulations) as directed by senior staff
- Assist in identifying, documenting, and tracking vulnerabilities throughout the assessment lifecycle
- Support the development and maintenance of basic scripts and testing utilities to assist in offensive security activities
- Assist in analyzing and documenting assessment findings, including reproduction steps, evidence, and initial severity observations for review by senior engineers
- Support the preparation of penetration test reports by compiling findings, screenshots, and tool outputs into structured report templates
- Help track the status of identified vulnerabilities and remediation progress, maintaining accurate records in relevant tracking systems
- Assist in validating patched vulnerabilities by re testing affected systems following confirmed remediation, under senior guidance
- Participate in Purple Team exercises as an observer and support role, gaining exposure to detection logic and incident response workflows
- Provide basic log collection and organizational support to the incident response team during active security incidents, as directed
Requirements
- Bachelor's degree in Information Technology, Computer Science, Software Engineering, Cybersecurity, or a related field
- Basic understanding of common vulnerabilities and attack concepts (OWASP Top 10, CVEs, common misconfigurations)
- Foundational knowledge of networking protocols (TCP/IP, DNS, HTTP/S, FTP, SMB) and how they can be abused
- Exposure to at least one security tool: port scanners (Nmap), web proxies (Burp Suite Community), or vulnerability scanners
- Basic proficiency in at least one scripting or programming language (Python, Bash, or PowerShell) for task automation
- Fundamental understanding of operating system internals for both Windows and Linux environments
- Awareness of the MITRE ATT&CK framework and how it maps adversary behaviors
- Familiarity with cloud concepts (any provider — GCP, AWS, or Azure) is an advantage
Full Job Posting
Description
- Tabby creates financial freedom in the way people shop, earn and save by reshaping their relationship with money. Over 15 million users choose Tabby to stay in control of their spending and make the most out of their money.
- The Cyber Security Analyst (Offensive Security) role serves as a structured entry point into offensive security, with a strong emphasis on learning industry standard tools, methodologies, and frameworks (OWASP Top 10, MITRE ATT&CK), while supporting the organization's mission to validate and strengt
Key Responsibilities
- Assist senior engineers in conducting penetration tests across web applications, APIs, and network infrastructure by performing assigned test cases and documenting findings.
- Support vulnerability assessments using automated scanning tools (e.g., Nmap, vulnerability scanners) under supervision, and help verify results through basic manual checks.
- Participate in Red Team exercises as a supporting team member, learning adversary simulation methodologies and assisting in pre agreed test scenarios.
- Help execute controlled offensive testing tasks (e.g., running scripts, setting up test environments, assisting with phishing simulations) as directed by senior staff.
- Assist in identifying, documenting, and tracking vulnerabilities throughout the assessment lifecycle.
- Support the development and maintenance of basic scripts and testing utilities to assist in offensive security activities.
- Assist in analyzing and documenting assessment findings, including reproduction steps, evidence, and initial severity observations for review by senior engineers.
- Support the preparation of penetration test reports by compiling findings, screenshots, and tool outputs into structured report templates.
- Help track the status of identified vulnerabilities and remediation progress, maintaining accurate records in relevant tracking systems.
- Assist in validating patched vulnerabilities by re testing affected systems following confirmed remediation, under senior guidance.
- Participate in Purple Team exercises as an observer and support role, gaining exposure to detection logic and incident response workflows.
- Provide basic log collection and organizational support to the incident response team during active security incidents, as directed.
Skills, Knowledge & Expertise
- Bachelor's degree in Information Technology, Computer Science, Software Engineering, Cybersecurity, or a related field.
- Basic understanding of common vulnerabilities and attack concepts (OWASP Top 10, CVEs, common misconfigurations).
- Foundational knowledge of networking protocols (TCP/IP, DNS, HTTP/S, FTP, SMB) and how they can be abused.
- Exposure to at least one security tool in any of the following categories: port scanners (Nmap), web proxies (Burp Suite Community), or vulnerability scanners.
- Basic proficiency in at least one scripting or programming language (Python, Bash, or PowerShell) for task automation.
- Fundamental understanding of operating system internals for both Windows and Linux environments.
- Awareness of the MITRE ATT&CK framework and how it maps adversary behaviors.
- Familiarity with cloud concepts (any provider — GCP, AWS, or Azure) is an advantage
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at Tabby | تابي
Commercial Operations Executive
Riyadh, KSA
Tabby seeks a Program Management Executive (Implementations) to support merchant and channel partner onboarding, technical coordination, and product rollout execution. Requires strong technical literacy, cross-functional
Internal Audit Lead - Financial Risk
Abu Dhabi, UAE
Tabby is hiring an Internal Audit Lead for Financial Risk to lead end-to-end audits across finance, treasury, and financial risk management. The role requires 7+ years of experience in internal/external audit within fint
Internal Audit Lead - Financial Risk
Dubai, UAE
Tabby is hiring an Internal Audit Lead to oversee finance, treasury, and financial risk audits. The role requires 7+ years of experience, a relevant degree, professional certifications, and advanced data analytics skills
Senior Internal Auditor - Operations
Dubai, UAE
Tabby is seeking a Senior Internal Auditor to lead operational audits across business processes including ERM, vendor management, HR, and marketing. The role requires 5+ years of internal audit experience, a relevant deg
Internal Audit Lead - Financial Crime
Abu Dhabi, UAE
Tabby is hiring an Internal Audit Lead - Financial Crime to lead and deliver audits across financial crime and compliance domains. The role requires deep expertise in AML, CTF, sanctions, fraud prevention, and data analy
Internal Audit Lead - Financial Crime
Dubai, UAE
Tabby is hiring an Internal Audit Lead - Financial Crime to lead and deliver audits across financial crime and compliance domains. The role requires deep expertise in AML, CTF, sanctions, fraud prevention, and data analy
Senior Internal Auditor - Operations
Abu Dhabi, UAE
Tabby is hiring a Senior Auditor - Operational Audits to deliver end-to-end audits across business and operational processes. The role focuses on risk-based audit engagements, assessing governance and internal controls.
Head of Finance (Financial Control)
Jeddah, KSA
Tabby seeks a Head of Finance (Financial Control) for KSA to lead finance operations, ensuring robust financial reporting, statutory compliance, and governance. The role involves monthly closing, tax filings, SAMA pruden
Commercial Operations Executive
Riyadh, KSA
Internal Audit Lead - Financial Risk
Abu Dhabi, UAE
Internal Audit Lead - Financial Risk
Dubai, UAE
Senior Internal Auditor - Operations
Dubai, UAE
Internal Audit Lead - Financial Crime
Abu Dhabi, UAE
Internal Audit Lead - Financial Crime
Dubai, UAE
Senior Internal Auditor - Operations
Abu Dhabi, UAE
Head of Finance (Financial Control)
Jeddah, KSA