42 Penetration Tester jobs in the United Arab Emirates

Direct message the job poster from Airswift

Penetration tester - Web/Application/DevSecOps

Successful candidates have to be based in the UAE now.

We are seeking an experienced Penetration Tester to join a forward-thinking cyber security team focused on securing complex digital ecosystems. This role is ideal for someone with a strong background in DevSecOps, Application Security, and Information Security Management, combined with hands-on experience in application development.

As a key member of the security function, you will be responsible for identifying and remediating security vulnerabilities across applications and infrastructure, while contributing to the broader security strategy of the organisation.

Key Responsibilities:

• Conduct in-depth penetration testing across web, mobile, APIs, and cloud-based applications
• Collaborate with development and DevOps teams to embed security in the SDLC (DevSecOps practices)
• Perform threat modelling, code reviews, and vulnerability assessments
• Produce detailed reports and present findings to technical and non-technical stakeholders
• Support the development and continuous improvement of security policies and standards

Key Skills & Experience:

• Proven experience in Penetration Testing (ideally holding certifications such as OSCP, OSWE, or similar)
• Strong understanding of Application Security principles (OWASP Top 10, SAST/DAST tools, secure coding practices)
• Solid knowledge of DevSecOps tooling and CI/CD pipeline security
• Familiarity with Information Security frameworks (e.g. ISO 27001, NIST)
• Strong analytical and communication skills

If you would be interested, or you know someone who would then please get in touch.

• Seniority levelMid-Senior level

• Employment typeFull-time

• Job functionInformation Technology
• IndustriesBanking and IT Services and IT Consulting

Referrals increase your chances of interviewing at Airswift by 2x

Get notified about new Penetration Tester jobs in Dubai, United Arab Emirates.

Dubai, Dubai, United Arab Emirates 1 year ago

Dubai, Dubai, United Arab Emirates 1 year ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Get AI-powered advice on this job and more exclusive features.

NXTL Solutions is a leading cyber security company based in UAE.

We are looking for a senior penetration tester that can lead, plan, and deliver comprehensive penetration testing engagements across enterprise environments, including on-premises, cloud, network, wireless, applications, and AI systems.

Key Responsibilities:

• Perform and lead advanced penetration tests covering:
• Cloud services and infrastructure.
• Enterprise networks, servers, and wireless environments.
• Web and API security assessments.
• AI/ML applications and models.
• Develop and execute sophisticated social engineering campaigns (e.g., phishing, vishing, physical assessments).
• Design attack scenarios to emulate real-world threat actors and demonstrate business impact.
• Lead red team and purple team activities.
• Validate and review technical work produced by junior team members.
• Produce detailed technical documentation and concise executive-level reporting.
• Present findings to client stakeholders and recommend remediation strategies.
• Maintain up-to-date knowledge of emerging threats, offensive security tools, and AI security research.

Requirements:

• 5–7 years of professional experience in penetration testing or offensive security.
• Strong expertise in:
• Cloud security assessments (AWS, Azure, GCP).
• Network, infrastructure, and wireless penetration testing.
• Web application and API security testing.
• Social engineering techniques and campaign execution.
• AI/ML security assessments (prompt injection, model exploitation, adversarial testing).
• Hands-on proficiency with tools such as:
• Burp Suite Pro, Cobalt Strike, Metasploit, Nmap, Nessus, Wireshark, Aircrack-ng, custom scripts and tools for AI testing.
• In-depth knowledge of MITRE ATT&CK, OWASP, NIST frameworks.
• Relevant certifications strongly preferred:
• OSCP, OSCE, OSEP, CREST CRT/CCT, CISSP, Offensive AI Red Teaming credentials or relevant AI security certifications.
• Excellent communication and client engagement skills.
• Experience mentoring junior testers.

Must be in UAE

Competitive Salary Depending on Experience

• Seniority levelMid-Senior level

• Employment typeFull-time

• Job functionInformation Technology
• IndustriesIT Services and IT Consulting

Referrals increase your chances of interviewing at NXTL Solutions by 2x

Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates 1 day ago

Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates 23 hours ago

Abu Dhabi Emirate, United Arab Emirates 1 day ago

Abu Dhabi Emirate, United Arab Emirates 3 days ago

Abu Dhabi Emirate, United Arab Emirates 1 week ago

Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates 1 day ago

Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates 5 days ago

Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates AED18,000.00-AED21,000.00 3 months ago

Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates 1 month ago

Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates 7 months ago

Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates 2 months ago

Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates 6 months ago

Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates 3 months ago

Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates 3 days ago

Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates 1 month ago

Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates 1 month ago

Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates 1 month ago

Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates 1 month ago

Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates 1 month ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

We are seeking a skilled and experienced Cybersecurity Vulnerability Assessment Manager to lead our banking clients' vulnerability assessment and penetration testing engagements.

The Cybersecurity Vulnerability Assessment Manager will be responsible for developing and executing comprehensive vulnerability assessment and penetration testing strategies, leading teams of security professionals, and collaborating with stakeholders to identify and prioritize vulnerabilities.

Key responsibilities include:

1. Developing and executing VAPT strategies to ensure the highest level of security for our banking clients.
2. Leading teams of security professionals to conduct vulnerability assessments and penetration testing engagements.
3. Collaborating with stakeholders to identify and prioritize vulnerabilities, and implementing remediation plans to mitigate risks.
4. Staying up-to-date with emerging threats and technologies to ensure our clients' security measures are always current and effective.

Our ideal candidate will possess the following skills and qualifications:

• Bachelor's degree in computer science, network/cyber security, or a related field.
• 7-10 years of experience in information security or a related field.
• Strong technical skills and expertise in VAPT methodologies, tools, and techniques.
• Excellent analytical and communication skills.
• Experience with platform-specific certifications, such as SIEM/Networking/Operating System.
• Security certifications, such as SANS/ISC2/CEH/CISSP/CISM/CISO.

As a valued member of our team, you can expect:

• A competitive salary and benefits package.
• Opportunities for professional growth and development.
• A dynamic and supportive work environment.
• Recognition and rewards for outstanding performance.

The Vulnerability Assessment Security Resident Engineer is responsible for identifying, analyzing, and helping remediate vulnerabilities across an organization’s IT infrastructure, applications, and systems. This role plays a critical part in reducing the organization’s attack surface and ensuring compliance with security policies and industry standards.

Key Responsibilities:

• Conduct regular vulnerability assessments using automated tools (e.g., Nessus) and manual techniques.
• Analyze scan results to identify false positives, determine risk levels, and prioritize remediation.
• Generate clear, executive-friendly vulnerability reports for management, highlighting risk levels, trends, and remediation progress.
• Maintain documentation and dashboards to support compliance and audit requirements.
• Collaborate with system and application owners to verify findings and track remediation efforts.
• Maintain and update the vulnerability management platform and supporting documentation.
• Perform root cause analysis and trend analysis of recurring vulnerabilities.
• Provide technical guidance and support to IT teams for vulnerability mitigation.
• Contribute to the development of security metrics and dashboards.
• Stay current with emerging threats, vulnerabilities, and security technologies.

Job Qualifications:

• At least 2-3 years of experience in Network Security environment
• Education: A bachelor's or master's degree in computer science, information technology, or a related field is required.
• Experience in one or more of below technologies/solutions:

> Tenable One experience is a must.

> Tenable Security Center Plus.

> Tenable Identity Exposure.

> Tenable Cloud Security Standard and Enterprise.

> Tenable CIEM.

> OT Security.

> Lumin Exposure View and Attack Path Analysis.

> Number of Tenable Web App Scanning has limits.

Other Requirements:

• Egyptian Nationality is a must
• UAE Residential ID is a must.

• Seniority levelMid-Senior level

• Employment typeFull-time

• Job functionInformation Technology
• IndustriesIT Services and IT Consulting and Computer and Network Security

Referrals increase your chances of interviewing at Intercom Enterprises by 2x

Get notified about new Cyber Security Engineer jobs in Dubai, United Arab Emirates.

Dubai, Dubai, United Arab Emirates 13 hours ago

Dubai, Dubai, United Arab Emirates 1 year ago

Dubai, Dubai, United Arab Emirates 1 year ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

We are currently looking for a Vulnerability Assessment and Pentest (VAPT) Manager - Banking for our UAE operations with the following qualifications:

• Education Level Required:
• Bachelor’s degree in computer science, Network / Cyber Security, or related information technology field.
• Experience in quality assurance in Vulnerability Assessment and Pentest (VAPT).
• Skills to verify scripts and test cases before execution for all types of VAPT such as application, internal, external, WiFi, etc.
• Platform specific (e.g., SIEM / Networking / Operating System) certifications.
• Security (e.g., SANS / ISC2 / CEH / CISSP / CISM / CISO) certifications.
• Experience:
• 7 - 10 years’ experience in Information Security or related field.
• Strong operations knowledge with banking background and hands-on experience in implementing and managing IS applications such as EDR, SIEM, DLP, with network-related experience and education in computer science, Network / Cyber Security, and related certifications.

Are you fascinated by the idea of using your technical skills to protect systems and networks from cyber threats while staying one step ahead of cybercriminals? Are you looking for a structured training program that can kickstart your career in ethical hacking?

At Nuyew Tech Academy, we specialise in providing aspiring tech professionals like you with the tools, training, and support needed to launch successful careers in this vital industry.

Whether you're starting from scratch or looking to advance your existing skills, our academy offers a comprehensive program designed to cultivate your talent and propel you towards exciting opportunities in ethical hacking and cyber security.

What the Ethical Hacker Career Accelerator at Nuyew Tech Academy includes and what students can expect:

·    Career Advancement: Elevate your professional journey with a tailored training course that's designed to set you on the path towards high-demand tech roles.

·    Competitive Salary Prospects: Upon completing our training and gaining some relevant experience, candidates are poised to secure roles with salaries aligned to what's advertised on the job listing. Invest in your future potential!

·    Employment Guarantee: If you haven't secured a tech job by course completion, we'll provide additional training and career support until you do. Still not employed after three years? We'll refund your tuition in full, and you keep your certifications. Your future in tech starts with us.

·    Professional Growth: Broaden your horizons and skill set with diverse professional development opportunities throughout and post-training.

·    Dynamic Learning Environment: Experience a vibrant and supportive academy atmosphere where innovation meets education.

·    Affordable Learning: We're committed to making education accessible. The academy career pathway tuition fee of £3995 can be funded by scholarship opportunities and interest free student loans which enable you to spread your tuition fee over 36 months. 

Please Note: While we offer robust training and support to help candidates find employment, it's important to clarify that candidates will not be directly employed by Nuyew Tech Academy. Our commitment is to empower you with the skills and support needed to enhance your job prospects in the broader tech industry.

Are you fascinated by the idea of using your technical skills to protect systems and networks from cyber threats while staying one step ahead of cybercriminals? Are you looking for a structured training program that can kickstart your career in ethical hacking?

At Nuyew Tech Academy, we specialise in providing aspiring tech professionals like you with the tools, training, and support needed to launch successful careers in this vital industry.

Whether you're starting from scratch or looking to advance your existing skills, our academy offers a comprehensive program designed to cultivate your talent and propel you towards exciting opportunities in ethical hacking and cyber security.

What the Ethical Hacker Career Accelerator at Nuyew Tech Academy includes and what students can expect:

·    Career Advancement: Elevate your professional journey with a tailored training course that's designed to set you on the path towards high-demand tech roles.

·    Competitive Salary Prospects: Upon completing our training and gaining some relevant experience, candidates are poised to secure roles with salaries aligned to what's advertised on the job listing. Invest in your future potential!

·    Employment Guarantee: If you haven't secured a tech job by course completion, we'll provide additional training and career support until you do. Still not employed after three years? We'll refund your tuition in full, and you keep your certifications. Your future in tech starts with us.

·    Professional Growth: Broaden your horizons and skill set with diverse professional development opportunities throughout and post-training.

·    Dynamic Learning Environment: Experience a vibrant and supportive academy atmosphere where innovation meets education.

·    Affordable Learning: We're committed to making education accessible. The academy career pathway tuition fee of £3995 can be funded by scholarship opportunities and interest free student loans which enable you to spread your tuition fee over 36 months. 

Please Note: While we offer robust training and support to help candidates find employment, it's important to clarify that candidates will not be directly employed by Nuyew Tech Academy. Our commitment is to empower you with the skills and support needed to enhance your job prospects in the broader tech industry.

Help AG is looking for a talented and enthusiastic Security Analyst who will have a strong knowledge and interest in network security. The Security Analyst will be responsible for monitoring multiple security technologies and events using the Security Information Event Management (SIEM) tool in order to detect and identify IT security related incidents.

This role requires:

• 2-4 years of experience in information security, in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis, or firewall administration.
• 2-4 years of experience in one of the following: Network operations or engineering or system administration on Unix, Linux, Windows.

Responsibilities

• Follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in the remediation of critical information security incidents.
• Correlate and analyze events using the Splunk/Log Rhythm/Qradar SIEM tool to detect IT security incidents.
• Conduct analysis of log files, including forensic analysis of system resource access.
• Review customer reports to ensure quality and accuracy.
• Monitor multiple security technologies, such as SIEM, IDS/IPS, Firewalls, Switches, VPNs, and other security threat data sources.
• Respond to inbound requests via phone and other electronic means for technical assistance with managed services.
• Respond in a timely manner (within documented SLA) to support, threat, and other cases.
• Document actions in cases to effectively communicate information internally and to customers.
• Resolve problems independently and understand escalation procedures.
• Maintain a high degree of awareness of the current threat landscape.
• Participate in knowledge sharing with other analysts and writing technical articles for Internal Knowledge Bases.
• Perform other essential duties as assigned.
• Able to work in rotating shifts within a 24/7 operating environment.

Qualifications & Skills

• A Degree in Computer Science, Information Systems, Electrical Engineering, or a closely related degree.
• An active interest in internet security, incident detection, network and systems security.
• A sound knowledge of IT security best practices, common attack types and detection/prevention methods.
• Demonstrable experience of analyzing and interpreting system, security, and application logs.
• Knowledge of the type of events that both Firewalls, IDS/IPS, and other security-related devices produce.
• Experience in using SIEM tools such as Splunk, Log Rhythm, Qradar, Alien Vault, NitroSecurity, etc.
• TCP/IP knowledge, networking, and security product experience.
• Knowledge of Cyber Kill Chain and MITRE ATT&CK frameworks.
• Possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc., and possible abnormal activities, such as worms, Trojans, viruses, etc.
• CCNA, CISSP, GCA, GCIA, GCIH, CEH certification would be preferable.
• Outstanding organizational skills.
• Exclusive focus and vast experience in IT.
• Strong analytical and problem-solving skills.
• A motivated, self-managed individual who can demonstrate above-average analytical skills and work professionally with peers and customers even under pressure.
• Very good communication skills.
• Strong written and verbal skills.
• Strong interpersonal skills with the ability to collaborate well with others.
• Ability to speak and write in English is required; Arabic is preferred.

Benefits

• Health insurance with one of the leading global providers for medical insurance.
• Career progression and growth through challenging projects and work.
• Employee engagement and wellness campaigns activities throughout the year.
• Excellent learning and development opportunities.
• Inclusive and diverse working environment.
• Flexible/Hybrid working environment.
• Annual flight tickets to home country.
• Open door policy.

About Us

Help AG is the cybersecurity arm of e& enterprise (formerly Etisalat Digital) and provides leading enterprise businesses across the Middle East with strategic consultancy combined with tailored information security solutions and services that address their diverse requirements, enabling them to evolve securely with a competitive edge.

Present in the Middle East since 2004, Help AG was strategically acquired by e& (formerly Etisalat Group) in 2020, hence creating a cybersecurity and digital transformation powerhouse in the region.

Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor-agnostic, trustworthy, independent, and maintaining its focus on all aspects of cybersecurity. With best of breed technologies from industry-leading vendor partners, expertly qualified service delivery teams, and a state-of-the-art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.

Help AG is looking for a talented and enthusiastic Security Analyst who will have a strong knowledge and interest in network security. The Security Analyst will be responsible for monitoring multiple security technologies and events using the Security Information Event Management (SIEM) tool in order to detect and identify IT security related incidents.

This role requires:

• 2-4 years of experience in information security, in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis, or firewall administration.
• 2-4 years of experience in one of the following: Network operations or engineering or system administration on Unix, Linux, Windows.

Responsibilities

• Follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in the remediation of critical information security incidents.
• Correlate and analyze events using the Splunk/Log Rhythm/Qradar SIEM tool to detect IT security incidents.
• Conduct analysis of log files, including forensic analysis of system resource access.
• Review customer reports to ensure quality and accuracy.
• Monitor multiple security technologies, such as SIEM, IDS/IPS, Firewalls, Switches, VPNs, and other security threat data sources.
• Respond to inbound requests via phone and other electronic means for technical assistance with managed services.
• Respond in a timely manner (within documented SLA) to support, threat, and other cases.
• Document actions in cases to effectively communicate information internally and to customers.
• Resolve problems independently and understand escalation procedures.
• Maintain a high degree of awareness of the current threat landscape.
• Participate in knowledge sharing with other analysts and writing technical articles for Internal Knowledge Bases.
• Perform other essential duties as assigned.
• Able to work in rotating shifts within a 24/7 operating environment.

Qualifications & Skills

• A Degree in Computer Science, Information Systems, Electrical Engineering, or a closely related degree.
• An active interest in internet security, incident detection, network and systems security.
• A sound knowledge of IT security best practices, common attack types and detection/prevention methods.
• Demonstrable experience of analyzing and interpreting system, security, and application logs.
• Knowledge of the type of events that both Firewalls, IDS/IPS, and other security-related devices produce.
• Experience in using SIEM tools such as Splunk, Log Rhythm, Qradar, Alien Vault, NitroSecurity, etc.
• TCP/IP knowledge, networking, and security product experience.
• Knowledge of Cyber Kill Chain and MITRE ATT&CK frameworks.
• Possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc., and possible abnormal activities, such as worms, Trojans, viruses, etc.
• CCNA, CISSP, GCA, GCIA, GCIH, CEH certification would be preferable.
• Outstanding organizational skills.
• Exclusive focus and vast experience in IT.
• Strong analytical and problem-solving skills.
• A motivated, self-managed individual who can demonstrate above-average analytical skills and work professionally with peers and customers even under pressure.
• Very good communication skills.
• Strong written and verbal skills.
• Strong interpersonal skills with the ability to collaborate well with others.
• Ability to speak and write in English is required; Arabic is preferred.

Benefits

• Health insurance with one of the leading global providers for medical insurance.
• Career progression and growth through challenging projects and work.
• Employee engagement and wellness campaigns activities throughout the year.
• Excellent learning and development opportunities.
• Inclusive and diverse working environment.
• Flexible/Hybrid working environment.
• Annual flight tickets to home country.
• Open door policy.

About Us

Help AG is the cybersecurity arm of e& enterprise (formerly Etisalat Digital) and provides leading enterprise businesses across the Middle East with strategic consultancy combined with tailored information security solutions and services that address their diverse requirements, enabling them to evolve securely with a competitive edge.

Present in the Middle East since 2004, Help AG was strategically acquired by e& (formerly Etisalat Group) in 2020, hence creating a cybersecurity and digital transformation powerhouse in the region.

Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor-agnostic, trustworthy, independent, and maintaining its focus on all aspects of cybersecurity. With best of breed technologies from industry-leading vendor partners, expertly qualified service delivery teams, and a state-of-the-art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.