(Red Team) Penetration Tester - Relocate to Dubai (UAE)

3 Lý do để gia nhập công ty

• Competitive salary with housing & living support
• Collaborate with team of diverse nationalities
• Opportunity to become a key member in UAE team

Mô tả công việc

Own end-to-end offensive security assessments—web/API/mobile, infra/cloud, and Active Directory—and ship findings that matter. Act as the anchor for most pentest delivery while contributing to purple-team detection tuning.

Core Responsibilities

1. Assessment Delivery

• Plan and execute scoped tests across web, API, mobile, external/internal networks, AD, and AWS/Azure/GCP
• Emulate APT-style adversaries when scope allows (priv-escalation, lateral movement, data-exfil). 

2. Impact Validation & Remediation

• Prove practical business impact (auth bypass, sensitive-data exposure, lateral paths).
• Draft remediation steps that developers/administrators can realistically implement

3. Content & Automation

• Build and maintain reusable checks: Nuclei/Burp/ZAP templates, Semgrep rules, custom scripts (Python/PowerShell/Bash).
• Automate evidence collection and reporting where it eliminates grunt work.

4. Engagement Leadership (rotational)

• Own scoping calls, daily stand-ups, mid-engagement risk reviews, and final report sign-off
• Enforce ROE and quality gates (evidence completeness, exploit reproducibility)

5. Purple-Team Rotation

• Map top attacker TTPs to detections with Blue Team; validate coverage, tune SIEM/EDR rules, and document gaps

6. Research & Tooling

• Track emerging TTPs, EDR bypass techniques, and cloud IAM abuses; integrate the useful ones into playbooks.

Yêu cầu công việc

Must-Have Skills

• Offensive fundamentals:
  • Solid OWASP/API testing, AD abuse basics (Kerberoasting, ACL misconfigs).
  • Cloud IAM misconfig patterns across AWS, Azure, GCP (e.g., privilege-escalation paths, cross-account pivot).
  • Manual exploitation discipline—no blind scanner drop-offs.
• Tooling proficiency: Metasploit, Burp Suite, Nmap, BloodHound, Covenant/Sliver (or equivalent), plus custom scripting in Python/PowerShell/Bash.
• Evidence quality: Screenshots, packet captures, logs—well-annotated and reproducible.
• Reporting & comms: Concise technical write-ups and executive summaries; comfortable leading risk calls.
• Certifications (preferred, not mandatory): OSCP, OSEP, CRTO, GXPN, or equivalent proven experience.

Nice-to-Haves

• Exploit development (e.g., custom payloads, fuzzing)
• Experience bypassing modern EDR/XDR stacks
• Conference presentations or published research

Soft Skills:

• Strong proficiency in both written and spoken English.
• Adaptability to thrive in dynamic, fast-paced environments and remote work settings.
• Effective team player with excellent collaboration and interpersonal skills.
• Ability to perform under pressure with a positive attitude and a focus on team success.
• Demonstrates high levels of responsibility, reliability, and accountability.
• Willingness and ability to travel internationally when required.

Tại sao bạn sẽ yêu thích làm việc tại đây

We go the extra mile to ensure your experience working onsite in the UAE is seamless, rewarding, and enriching:
• Flexible Work Hours: Enjoy a balanced lifestyle with a 6-hour workday, from 10:00 AM to 5:00 PM, including a 1-hour lunch break.
• 30 Days of Paid Leave: Accumulate your annual 30-day leave for longer holidays, travel adventures, or quality time with family.
• Flight Benefits: We provide a round-trip flight to Dubai when you onboard, plus two return flights to Vietnam each year so you can stay close to home while building a global career.
• Supported Living: We take care of your accommodation and support daily living expenses to ensure a comfortable, stress-free experience from day one. Our team will support you every step of the way.
• Visa & Legal Assistance: We sponsor your visa and handle all required legal procedures, giving you peace of mind throughout the relocation process.
• Modern Central Office: Our office is in the heart of vibrant Dubai, with easy access to metro lines, shopping malls, green parks, and world-class amenities.
• Onsite Support: You’ll have the ongoing support of our HR and admin teams, dedicated to helping you settle in and thrive — both professionally and personally.
________________________________________
If you’re passionate about taking your tech career to an international stage — we’d love to hear from you.