Information Security Engineer - VAPT
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
We are thrilled to announce an opportunity for a skilled Information Security Engineer to join our team and play a role in enhancing our security measures by utilizing your abil.
Key Skills for This Role
Full Job Posting
Overview
- We are thrilled to announce an opportunity for a skilled Information Security Engineer to join our team and play a role in enhancing our security measures by utilizing your abilities and deep knowledge of information security methodologies.
- Paying attention to details and efficiently solving problems will be crucial in ensuring the safety of Tabby s systems.
- The role you will be involved in both operations and important implementation projects contributing to the growth and maintenance of our technology infrastructure.
- If you have a passion for cybersecurity, possess technical skills and aspire to make a significant impact we strongly encourage you to apply and become an essential part of our dedicated cybersecurity team.
- Penetration Testing
- : Perform Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST) for Web, Mobile, and API applications.
- Plan and conduct Infrastructure Vulnerability Assessment and Penetration Testing of systems, switches, servers, and more.
• Adversary Simulation (Red Teaming)
- Participate in sophisticated Red Team
- engagements, emulating real-world threat actor Tactics, Techniques, and Procedures (TTPs) to assess the detection and response capabilities of the Blue Team/SOC.
• Vulnerability & Application Security Analysis
- Conduct both Dynamic (DAST) and Static (SAST) Application Security Testing, and perform systematic vulnerability assessments using automated tools combined with meticulous manual verification.
- Report Development:
- Produce actionable, high-quality assessment reports that clearly articulate technical findings, business risk, and remediation strategies for both technical implementers and non-technical executives.
• Control Evasion & Social Engineering
Conduct controlled offensive testing, including Breach & Attack Simulations (BAS) and targeted phishing campaigns, to assess the resilience and bypassability of technical and human controls.
• Tool Development & Reporting
- Develop and maintain custom scripts and tools to enhance offensive security capabilities, and produce high-quality, actionable reports detailing discovered threats and validated vulnerabilities on an ongoing basis.
- Security Awareness
- : Experience in conducting phishing simulations and other
- awareness exercises to evaluate employee susceptibility to social engineering attacks and provide targeted training to enhance resilience.
- Degree in Information Technology, Computer Science, Software Engineering, or related field
- Knowledge of Information Technology security issues and approaches to manage
- Information Technology security with a fast paced Fintech environment.
- Security Qualification Good to have: Offensive Security Certified Professional (OSCP), GIAC Penetration Tester (GPEN), GIAC Web Application Penetration Tester (GWAPT), CREST Registered Penetration Tester (CRT) or equivalent.
- Excellent communication, influencing and stakeholder management skills
- 2-3 Experience of working across teams to deliver solutions and generate high levels of internal buy-in
- Experience of working in a culturally diverse environment
- Knowledge of online technologies, payment methods, content delivery networks, REST APIs, microservices, and application development.
- Programming and scripting understanding (Bash, Python etc.)
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at tabby
Backend Engineer II
Saudi Arabia, KSA
Key Responsibilities Backend engineering experience, with ideally commercial experience in Golang Experience building scalable, distributed systems and working with high-load ar...
Risk Manager
Saudi Arabia, KSA
Manage third-party risk program, conduct vendor assessments, ensure compliance, and communicate risks effectively while collaborating cross-functionally.
Internal Audit Lead - Financial Risk
United Arab Emirates, UAE
Lead end-to-end audits in finance, treasury, and financial risk, utilizing data analytics and ensuring compliance with IFRS and CBUAE regulations.
Internal Audit Lead - Financial Crime
United Arab Emirates, UAE
Lead audits in financial crime compliance, utilizing data analytics and regulatory knowledge to enhance frameworks and reporting while engaging stakeholders.
Senior Internal Auditor - Operations
United Arab Emirates, UAE
Responsible for executing risk-based operational audits, assessing internal controls, utilizing data analytics, and preparing comprehensive reports while collaborating with stak...
Intern QA Engineer
Saudi Arabia, KSA
Interns will ensure product quality through testing applications, APIs, and integrations, requiring programming knowledge and collaboration skills.
DBA Intern
Saudi Arabia, KSA
What you will do This is not a helper or shadow-only role. Interns work on real production tasks under senior review. Investigate slow queries on PostgreSQL read execution plans...
AI Intern
Saudi Arabia, KSA
About the company Tabby builds financial products used by millions of users across the GCC. Alongside core fintech products, we are actively building internal platforms for AI a...
Backend Engineer II
Saudi Arabia, KSA
Risk Manager
Saudi Arabia, KSA
Internal Audit Lead - Financial Risk
United Arab Emirates, UAE
Internal Audit Lead - Financial Crime
United Arab Emirates, UAE
Senior Internal Auditor - Operations
United Arab Emirates, UAE
Intern QA Engineer
Saudi Arabia, KSA
DBA Intern
Saudi Arabia, KSA
AI Intern
Saudi Arabia, KSA
