VAPT - VULNERABILITY ASSESSMENT AND PENETRATION TESTING (AppSec)

دوام كامل في Saudi Petroleum Services Polytechnic في Saudi Arabia

نُشرت يوم January 29, 2025

تفاصيل الوظيفة

VAPT - VULNERABILITY ASSESSMENT AND PENETRATION TESTING (L2) Application Security Code Review - SAC (L2), QualysGuard (L2), Tenable (L2) Certification: LPT – Licensed Pen Tester from EC-Council, OSCP – Offensive Security Certified Professional Certification. This role will assess and identify application security threats and risks. The job includes technical security assessments of applications and its infrastructure, application design reviews, as well as application security risk assessments. This is a hands-on role, requiring technical skills from the hardware to the application layer. This role will be responsible for applying cyber security knowledge and threat intelligence to focus the application security/penetration testing on the following applications:

Web applications
Web services
Mobile applications
IOT applications
Thick/Thin client applications
Standalone applications

Key Responsibilities:

Perform security reviews of application designs, source code, and its deployment.
Perform security penetration testing of applications.
Perform proactive research to identify and understand new threats, vulnerabilities, and exploits of Web, Mobile, and IOT based applications.
Develop clear and concise security test reports and executive summaries.
Maintain working knowledge of advanced threat actor tactics, techniques, and procedures, and emulate these to assess vulnerability and risk.
Continuous improvements to existing methodology material and supporting assets of application security testing tools, processes, and procedures.

Job Requirements:

A Bachelor of Science degree in Computer Science, Computer Engineering, Electrical Engineering, or a related technical field; or equivalent professional experience.
5+ years of working experience in IT Security, preferably with exposure to application security testing that includes source code review and application security tests.
Experience in drafting and documenting Penetration Testing Methodologies for all kinds of applications.
Experience in Penetration testing, including web application testing and ideally mobile application and web application security testing.
Experience with various security tools and products (Fortify, AppScan, etc.).
Experience with scripting languages such as Python, Ruby, POSIX shell.
Good understanding of the components of a secure DLC/SDLC.
Strong time management skills, self-directed, with the ability to meet verbal and written deadlines.
Good English communication skills and able to collaborate with techno-functional stakeholders.

#J-18808-Ljbffr

Apply safely

To stay safe in your job search, information on common scams and to get free expert advice, we recommend that you visit SAFERjobs, a non-profit, joint industry and law enforcement organization working to combat job scams.

Refinery Process Engineer - Diesel Hydrotreating And Sulfur Recovery Unit

Saudi Aramco (ASC)

... Diesel Hydrotreating (DHT) and Sulfur Recovery Units (SRU) processes to join our Riyadh Refinery Operations Engineering ...