Offensive Security Engineer (Vulnerability Management & Penetration Testing)
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
Location: UAE Experience: 2-3 years Role Overview: We are looking for a highly skilled Offensive Security Consultant with strong expertise in both Vulnerability Management and Penetration Testing across enterprise environments.
Key Skills for This Role
Full Job Posting
Location: UAE
Experience: 2-3 years
Role Overview
We are looking for a highly skilled Offensive Security Consultant with strong expertise in both Vulnerability Management and Penetration Testing across enterprise environments.
The ideal candidate should have hands-on experience identifying, validating, prioritizing, and supporting remediation of security vulnerabilities across modern infrastructure, applications, and cloud platforms.
Key Responsibilities
- Penetration testing across:
- Web, API & mobile applications
- Internal, external & wireless networks
- Active Directory environments
Vulnerability Management
- Perform continuous vulnerability assessments using enterprise tools
- Perform risk-based prioritization of findings based on business impact and threat context
- Provide actionable remediation guidance to IT and engineering teams
- Track remediation progress
- Support patch management cycles and security hardening initiatives
*Must Have Certification(s): OSCP*
- *Strong knowledge of:*
- OWASP Top 10 for Web, Mobile & API
- Network protocols and infrastructure security
- Active Directory attacks (Kerberos abuse, ACLs, AD CS, etc.)
- Commercial and open-source Vulnerability Management tools such as Tenable, Rapid7 InsightVM, Greenbone OpenVAS
- *Good understanding of:*
- CVSS scoring and risk prioritization
- Patch management and remediation workflows
Soft Skills
- Strong analytical and problem-solving mindset
- Ability to clearly communicate technical findings to both technical and non-technical stakeholders
- Experience working with cross-functional teams (IT, DevOps, Security)
- Write professional reports, and present findings to relevant stakeholders and executives
- Nice to Have:
- Certifications such as OSWE, CRTP, CRTO
Experience In Security Assessments Of
- Custom-built and proprietary AI/LLMs
- Cloud environments (AWS/Azure/GCP)
- Containers & Kubernetes environments
- Experience working in regulated environments (preferably within UAE) such as DESC's Al Kashif & Al Maha
What You’ll Do Day-to-Day
- Identify real-world exploitable vulnerabilities (not just scan results)
- Help organizations prioritize what actually matters
- Bridge the gap between offensive security and remediation
- Contribute to improving overall security posture, and not just reporting issues
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career