{bc}
linkedin

Offensive Security Engineer (Vulnerability Management & Penetration Testing)

HexaPrime
Dubai, UAE
Fulltime
Mid-Senior
2 months ago
AWSAzureDevOpsGCPKubernetes
Free

Job Fit Check

Base Career helps you apply smarter for this job.

?%
Ready to Scan

Key skills for this role

AWSAzureDevOps
Smart Apply

Full Job Posting

Location: UAE

Experience: 2-3 years

Role Overview

We are looking for a highly skilled Offensive Security Consultant with strong expertise in both Vulnerability Management and Penetration Testing across enterprise environments.

The ideal candidate should have hands-on experience identifying, validating, prioritizing, and supporting remediation of security vulnerabilities across modern infrastructure, applications, and cloud platforms.

Key Responsibilities

  • Penetration testing across:
  • Web, API & mobile applications
  • Internal, external & wireless networks
  • Active Directory environments

Vulnerability Management

  • Perform continuous vulnerability assessments using enterprise tools
  • Perform risk-based prioritization of findings based on business impact and threat context
  • Provide actionable remediation guidance to IT and engineering teams
  • Track remediation progress
  • Support patch management cycles and security hardening initiatives

*Must Have Certification(s): OSCP*

  • *Strong knowledge of:*
  • OWASP Top 10 for Web, Mobile & API
  • Network protocols and infrastructure security
  • Active Directory attacks (Kerberos abuse, ACLs, AD CS, etc.)
  • Commercial and open-source Vulnerability Management tools such as Tenable, Rapid7 InsightVM, Greenbone OpenVAS
  • *Good understanding of:*
  • CVSS scoring and risk prioritization
  • Patch management and remediation workflows

Soft Skills

  • Strong analytical and problem-solving mindset
  • Ability to clearly communicate technical findings to both technical and non-technical stakeholders
  • Experience working with cross-functional teams (IT, DevOps, Security)
  • Write professional reports, and present findings to relevant stakeholders and executives
  • Nice to Have:
  • Certifications such as OSWE, CRTP, CRTO

Experience In Security Assessments Of

  • Custom-built and proprietary AI/LLMs
  • Cloud environments (AWS/Azure/GCP)
  • Containers & Kubernetes environments
  • Experience working in regulated environments (preferably within UAE) such as DESC's Al Kashif & Al Maha

What You’ll Do Day-to-Day

  • Identify real-world exploitable vulnerabilities (not just scan results)
  • Help organizations prioritize what actually matters
  • Bridge the gap between offensive security and remediation
  • Contribute to improving overall security posture, and not just reporting issues

Apply for this job in 1 click

Skip the repetitive application forms

Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.

Sarah M.James T.Maya R.

Trusted by over 500,000 job seekers on Base Career

Start Free Today