28 Penetration Tester jobs in Dubai

We are seeking an experienced Penetration Tester to join our dynamic IT operations team in Ajman, UAE. In this critical role, you will be responsible for proactively identifying security vulnerabilities in our systems, networks, and applications before they can be exploited. Your expertise will help safeguard Dicetek’s digital infrastructure and ensure the highest standards of cybersecurity across all platforms. This is an exciting opportunity to work with a forward-thinking team dedicated to building secure and resilient IT environments.

Perform regular penetration testing on web applications, networks, and systems.
Identify, exploit, and document vulnerabilities with precision and clarity.
Conduct risk assessments and security audits to evaluate existing security controls.
Simulate real-world attacks to test the robustness of current defense mechanisms.
Collaborate with the IT and development teams to remediate vulnerabilities and improve security posture.
Stay updated on the latest security threats, tools, and trends.
Prepare detailed reports and presentations on findings for both technical and non-technical stakeholders.
Ensure compliance with security frameworks and industry regulations.

Bachelor's Degree in Computer Science, Cybersecurity, Information Technology, or a related field.
Minimum 6+ years of hands-on experience in penetration testing and vulnerability assessments.
In-depth knowledge of penetration testing methodologies, tools (e.g., Metasploit, Burp Suite, Nessus), and frameworks (e.g., OWASP, PTES).
Experience in ethical hacking, red teaming, and social engineering techniques.
Strong understanding of operating systems, networking protocols, and security architectures.
Relevant certifications such as OSCP, CEH, GPEN, or CISSP are highly desirable.
Excellent analytical, problem-solving, and communication skills.

At Dicetek LLC, we are a global IT solutions and services company committed to delivering technology-driven business innovations that empower enterprises across diverse industries. Headquartered in the UAE with a strong presence across the Middle East and Asia, Dicetek prides itself on its client-centric approach, deep domain expertise, and scalable delivery model. Our mission is to transform businesses by aligning cutting-edge technology with core organizational goals, while upholding values of integrity, innovation, and excellence.

Direct message the job poster from Airswift

Penetration tester - Web/Application/DevSecOps

Successful candidates have to be based in the UAE now.

We are seeking an experienced Penetration Tester to join a forward-thinking cyber security team focused on securing complex digital ecosystems. This role is ideal for someone with a strong background in DevSecOps, Application Security, and Information Security Management, combined with hands-on experience in application development.

As a key member of the security function, you will be responsible for identifying and remediating security vulnerabilities across applications and infrastructure, while contributing to the broader security strategy of the organisation.

Key Responsibilities:

• Conduct in-depth penetration testing across web, mobile, APIs, and cloud-based applications
• Collaborate with development and DevOps teams to embed security in the SDLC (DevSecOps practices)
• Perform threat modelling, code reviews, and vulnerability assessments
• Produce detailed reports and present findings to technical and non-technical stakeholders
• Support the development and continuous improvement of security policies and standards

Key Skills & Experience:

• Proven experience in Penetration Testing (ideally holding certifications such as OSCP, OSWE, or similar)
• Strong understanding of Application Security principles (OWASP Top 10, SAST/DAST tools, secure coding practices)
• Solid knowledge of DevSecOps tooling and CI/CD pipeline security
• Familiarity with Information Security frameworks (e.g. ISO 27001, NIST)
• Strong analytical and communication skills

If you would be interested, or you know someone who would then please get in touch.

• Seniority levelMid-Senior level

• Employment typeFull-time

• Job functionInformation Technology
• IndustriesBanking and IT Services and IT Consulting

Referrals increase your chances of interviewing at Airswift by 2x

Get notified about new Penetration Tester jobs in Dubai, United Arab Emirates.

Dubai, Dubai, United Arab Emirates 1 year ago

Dubai, Dubai, United Arab Emirates 1 year ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

We are seeking an experienced Penetration Tester to join our dynamic IT operations team in Ajman, UAE. In this critical role, you will be responsible for proactively identifying security vulnerabilities in our systems, networks, and applications before they can be exploited. Your expertise will help safeguard Dicetek's digital infrastructure and ensure the highest standards of cybersecurity across all platforms. This is an exciting opportunity to work with a forward-thinking team dedicated to building secure and resilient IT environments.

Perform regular penetration testing on web applications, networks, and systems.
Identify, exploit, and document vulnerabilities with precision and clarity.
Conduct risk assessments and security audits to evaluate existing security controls.
Simulate real-world attacks to test the robustness of current defense mechanisms.
Collaborate with the IT and development teams to remediate vulnerabilities and improve security posture.
Stay updated on the latest security threats, tools, and trends.
Prepare detailed reports and presentations on findings for both technical and non-technical stakeholders.
Ensure compliance with security frameworks and industry regulations.

Bachelor's Degree in Computer Science, Cybersecurity, Information Technology, or a related field.
Minimum 6+ years of hands-on experience in penetration testing and vulnerability assessments.
In-depth knowledge of penetration testing methodologies, tools (e.g., Metasploit, Burp Suite, Nessus), and frameworks (e.g., OWASP, PTES).
Experience in ethical hacking, red teaming, and social engineering techniques.
Strong understanding of operating systems, networking protocols, and security architectures.
Relevant certifications such as OSCP, CEH, GPEN, or CISSP are highly desirable.
Excellent analytical, problem-solving, and communication skills.

At Dicetek LLC, we are a global IT solutions and services company committed to delivering technology-driven business innovations that empower enterprises across diverse industries. Headquartered in the UAE with a strong presence across the Middle East and Asia, Dicetek prides itself on its client-centric approach, deep domain expertise, and scalable delivery model. Our mission is to transform businesses by aligning cutting-edge technology with core organizational goals, while upholding values of integrity, innovation, and excellence.

We are seeking a skilled and experienced Cybersecurity Vulnerability Assessment Manager to lead our banking clients' vulnerability assessment and penetration testing engagements.

The Cybersecurity Vulnerability Assessment Manager will be responsible for developing and executing comprehensive vulnerability assessment and penetration testing strategies, leading teams of security professionals, and collaborating with stakeholders to identify and prioritize vulnerabilities.

Key responsibilities include:

1. Developing and executing VAPT strategies to ensure the highest level of security for our banking clients.
2. Leading teams of security professionals to conduct vulnerability assessments and penetration testing engagements.
3. Collaborating with stakeholders to identify and prioritize vulnerabilities, and implementing remediation plans to mitigate risks.
4. Staying up-to-date with emerging threats and technologies to ensure our clients' security measures are always current and effective.

Our ideal candidate will possess the following skills and qualifications:

• Bachelor's degree in computer science, network/cyber security, or a related field.
• 7-10 years of experience in information security or a related field.
• Strong technical skills and expertise in VAPT methodologies, tools, and techniques.
• Excellent analytical and communication skills.
• Experience with platform-specific certifications, such as SIEM/Networking/Operating System.
• Security certifications, such as SANS/ISC2/CEH/CISSP/CISM/CISO.

As a valued member of our team, you can expect:

• A competitive salary and benefits package.
• Opportunities for professional growth and development.
• A dynamic and supportive work environment.
• Recognition and rewards for outstanding performance.

The Vulnerability Assessment Security Resident Engineer is responsible for identifying, analyzing, and helping remediate vulnerabilities across an organization’s IT infrastructure, applications, and systems. This role plays a critical part in reducing the organization’s attack surface and ensuring compliance with security policies and industry standards.

Key Responsibilities:

• Conduct regular vulnerability assessments using automated tools (e.g., Nessus) and manual techniques.
• Analyze scan results to identify false positives, determine risk levels, and prioritize remediation.
• Generate clear, executive-friendly vulnerability reports for management, highlighting risk levels, trends, and remediation progress.
• Maintain documentation and dashboards to support compliance and audit requirements.
• Collaborate with system and application owners to verify findings and track remediation efforts.
• Maintain and update the vulnerability management platform and supporting documentation.
• Perform root cause analysis and trend analysis of recurring vulnerabilities.
• Provide technical guidance and support to IT teams for vulnerability mitigation.
• Contribute to the development of security metrics and dashboards.
• Stay current with emerging threats, vulnerabilities, and security technologies.

Job Qualifications:

• At least 2-3 years of experience in Network Security environment
• Education: A bachelor's or master's degree in computer science, information technology, or a related field is required.
• Experience in one or more of below technologies/solutions:

> Tenable One experience is a must.

> Tenable Security Center Plus.

> Tenable Identity Exposure.

> Tenable Cloud Security Standard and Enterprise.

> Tenable CIEM.

> OT Security.

> Lumin Exposure View and Attack Path Analysis.

> Number of Tenable Web App Scanning has limits.

Other Requirements:

• Egyptian Nationality is a must
• UAE Residential ID is a must.

• Seniority levelMid-Senior level

• Employment typeFull-time

• Job functionInformation Technology
• IndustriesIT Services and IT Consulting and Computer and Network Security

Referrals increase your chances of interviewing at Intercom Enterprises by 2x

Get notified about new Cyber Security Engineer jobs in Dubai, United Arab Emirates.

Dubai, Dubai, United Arab Emirates 13 hours ago

Dubai, Dubai, United Arab Emirates 1 year ago

Dubai, Dubai, United Arab Emirates 1 year ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

We are currently looking for a Vulnerability Assessment and Pentest (VAPT) Manager - Banking for our UAE operations with the following qualifications:

• Education Level Required:
• Bachelor’s degree in computer science, Network / Cyber Security, or related information technology field.
• Experience in quality assurance in Vulnerability Assessment and Pentest (VAPT).
• Skills to verify scripts and test cases before execution for all types of VAPT such as application, internal, external, WiFi, etc.
• Platform specific (e.g., SIEM / Networking / Operating System) certifications.
• Security (e.g., SANS / ISC2 / CEH / CISSP / CISM / CISO) certifications.
• Experience:
• 7 - 10 years’ experience in Information Security or related field.
• Strong operations knowledge with banking background and hands-on experience in implementing and managing IS applications such as EDR, SIEM, DLP, with network-related experience and education in computer science, Network / Cyber Security, and related certifications.

Help AG is looking for a talented and enthusiastic Security Analyst who will have a strong knowledge and interest in network security. The Security Analyst will be responsible for monitoring multiple security technologies and events using the Security Information Event Management (SIEM) tool in order to detect and identify IT security related incidents.

This role requires:

• 2-4 years of experience in information security, in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis, or firewall administration.
• 2-4 years of experience in one of the following: Network operations or engineering or system administration on Unix, Linux, Windows.

Responsibilities

• Follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in the remediation of critical information security incidents.
• Correlate and analyze events using the Splunk/Log Rhythm/Qradar SIEM tool to detect IT security incidents.
• Conduct analysis of log files, including forensic analysis of system resource access.
• Review customer reports to ensure quality and accuracy.
• Monitor multiple security technologies, such as SIEM, IDS/IPS, Firewalls, Switches, VPNs, and other security threat data sources.
• Respond to inbound requests via phone and other electronic means for technical assistance with managed services.
• Respond in a timely manner (within documented SLA) to support, threat, and other cases.
• Document actions in cases to effectively communicate information internally and to customers.
• Resolve problems independently and understand escalation procedures.
• Maintain a high degree of awareness of the current threat landscape.
• Participate in knowledge sharing with other analysts and writing technical articles for Internal Knowledge Bases.
• Perform other essential duties as assigned.
• Able to work in rotating shifts within a 24/7 operating environment.

Qualifications & Skills

• A Degree in Computer Science, Information Systems, Electrical Engineering, or a closely related degree.
• An active interest in internet security, incident detection, network and systems security.
• A sound knowledge of IT security best practices, common attack types and detection/prevention methods.
• Demonstrable experience of analyzing and interpreting system, security, and application logs.
• Knowledge of the type of events that both Firewalls, IDS/IPS, and other security-related devices produce.
• Experience in using SIEM tools such as Splunk, Log Rhythm, Qradar, Alien Vault, NitroSecurity, etc.
• TCP/IP knowledge, networking, and security product experience.
• Knowledge of Cyber Kill Chain and MITRE ATT&CK frameworks.
• Possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc., and possible abnormal activities, such as worms, Trojans, viruses, etc.
• CCNA, CISSP, GCA, GCIA, GCIH, CEH certification would be preferable.
• Outstanding organizational skills.
• Exclusive focus and vast experience in IT.
• Strong analytical and problem-solving skills.
• A motivated, self-managed individual who can demonstrate above-average analytical skills and work professionally with peers and customers even under pressure.
• Very good communication skills.
• Strong written and verbal skills.
• Strong interpersonal skills with the ability to collaborate well with others.
• Ability to speak and write in English is required; Arabic is preferred.

Benefits

• Health insurance with one of the leading global providers for medical insurance.
• Career progression and growth through challenging projects and work.
• Employee engagement and wellness campaigns activities throughout the year.
• Excellent learning and development opportunities.
• Inclusive and diverse working environment.
• Flexible/Hybrid working environment.
• Annual flight tickets to home country.
• Open door policy.

About Us

Help AG is the cybersecurity arm of e& enterprise (formerly Etisalat Digital) and provides leading enterprise businesses across the Middle East with strategic consultancy combined with tailored information security solutions and services that address their diverse requirements, enabling them to evolve securely with a competitive edge.

Present in the Middle East since 2004, Help AG was strategically acquired by e& (formerly Etisalat Group) in 2020, hence creating a cybersecurity and digital transformation powerhouse in the region.

Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor-agnostic, trustworthy, independent, and maintaining its focus on all aspects of cybersecurity. With best of breed technologies from industry-leading vendor partners, expertly qualified service delivery teams, and a state-of-the-art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.

Help AG is looking for a talented and enthusiastic Security Analyst who will have a strong knowledge and interest in network security. The Security Analyst will be responsible for monitoring multiple security technologies and events using the Security Information Event Management (SIEM) tool in order to detect and identify IT security related incidents.

This role requires:

• 2-4 years of experience in information security, in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis, or firewall administration.
• 2-4 years of experience in one of the following: Network operations or engineering or system administration on Unix, Linux, Windows.

Responsibilities

• Follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in the remediation of critical information security incidents.
• Correlate and analyze events using the Splunk/Log Rhythm/Qradar SIEM tool to detect IT security incidents.
• Conduct analysis of log files, including forensic analysis of system resource access.
• Review customer reports to ensure quality and accuracy.
• Monitor multiple security technologies, such as SIEM, IDS/IPS, Firewalls, Switches, VPNs, and other security threat data sources.
• Respond to inbound requests via phone and other electronic means for technical assistance with managed services.
• Respond in a timely manner (within documented SLA) to support, threat, and other cases.
• Document actions in cases to effectively communicate information internally and to customers.
• Resolve problems independently and understand escalation procedures.
• Maintain a high degree of awareness of the current threat landscape.
• Participate in knowledge sharing with other analysts and writing technical articles for Internal Knowledge Bases.
• Perform other essential duties as assigned.
• Able to work in rotating shifts within a 24/7 operating environment.

Qualifications & Skills

• A Degree in Computer Science, Information Systems, Electrical Engineering, or a closely related degree.
• An active interest in internet security, incident detection, network and systems security.
• A sound knowledge of IT security best practices, common attack types and detection/prevention methods.
• Demonstrable experience of analyzing and interpreting system, security, and application logs.
• Knowledge of the type of events that both Firewalls, IDS/IPS, and other security-related devices produce.
• Experience in using SIEM tools such as Splunk, Log Rhythm, Qradar, Alien Vault, NitroSecurity, etc.
• TCP/IP knowledge, networking, and security product experience.
• Knowledge of Cyber Kill Chain and MITRE ATT&CK frameworks.
• Possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc., and possible abnormal activities, such as worms, Trojans, viruses, etc.
• CCNA, CISSP, GCA, GCIA, GCIH, CEH certification would be preferable.
• Outstanding organizational skills.
• Exclusive focus and vast experience in IT.
• Strong analytical and problem-solving skills.
• A motivated, self-managed individual who can demonstrate above-average analytical skills and work professionally with peers and customers even under pressure.
• Very good communication skills.
• Strong written and verbal skills.
• Strong interpersonal skills with the ability to collaborate well with others.
• Ability to speak and write in English is required; Arabic is preferred.

Benefits

• Health insurance with one of the leading global providers for medical insurance.
• Career progression and growth through challenging projects and work.
• Employee engagement and wellness campaigns activities throughout the year.
• Excellent learning and development opportunities.
• Inclusive and diverse working environment.
• Flexible/Hybrid working environment.
• Annual flight tickets to home country.
• Open door policy.

About Us

Help AG is the cybersecurity arm of e& enterprise (formerly Etisalat Digital) and provides leading enterprise businesses across the Middle East with strategic consultancy combined with tailored information security solutions and services that address their diverse requirements, enabling them to evolve securely with a competitive edge.

Present in the Middle East since 2004, Help AG was strategically acquired by e& (formerly Etisalat Group) in 2020, hence creating a cybersecurity and digital transformation powerhouse in the region.

Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor-agnostic, trustworthy, independent, and maintaining its focus on all aspects of cybersecurity. With best of breed technologies from industry-leading vendor partners, expertly qualified service delivery teams, and a state-of-the-art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.

Dubai, United Arab Emirates | Posted on 16/06/2025

IFZA Dubai is the most dynamic and truly international Free Zone Community in the UAE, optimizing the country's strategic location and world-class infrastructure. We provide easy, reliable, and fast company formation services through our network of Professional Partners and Government Authorities.

Job Overview:

The Information Security Analyst will be responsible for protecting IFZA's information systems by identifying, assessing, and mitigating security risks. This role involves monitoring, analyzing, and responding to security incidents, implementing security measures, and ensuring compliance with industry standards and regulations. The ideal candidate is proactive, detail-oriented, and possesses strong technical and analytical skills.

Main Responsibilities:

• Threat Monitoring and Incident Response :
• Monitor network traffic and security alerts for potential threats using SIEM tools (e.g., Microsoft Sentinel).
• Investigate and respond to security incidents, including malware infections, phishing attacks, and unauthorized access.
• Conduct root cause analysis and document incident reports with remediation recommendations.
• Risk Assessment and Vulnerability Management :
• Perform regular vulnerability scans and penetration testing to identify weaknesses in systems and applications.
• Collaborate with IT teams to prioritize and remediate vulnerabilities.
• Conduct risk assessments to evaluate potential security threats and recommend mitigation strategies.
• Security Policy and Compliance :
• Implement, and enforce security policies, procedures, and standards in alignment with frameworks such as NIST, ISO 27001, or GDPR.
• Ensure compliance with regulatory requirements and industry’s best practices.
• Assist in preparing for and responding to internal and external audits.
• Security Awareness and Training :
• Conduct security awareness training for employees to promote best practices (e.g., password management, phishing prevention).
• Create and distribute educational materials on emerging cyber threats.
• System and Network Security :
• Configure and manage security tools such as firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection solutions.
• Implement and monitor encryption, authentication, and access control mechanisms.
• Threat Intelligence and Research :
• Stay updated on the latest cyber threats, vulnerabilities, and attack vectors.
• Analyze threat intelligence reports and apply findings to enhance organizational security posture.

• Bachelor’s in Engineering , Computer Science, or related field.
• 8+ years of experience in Information Security.
• Minimum 3 + years hands-on experience in SOC, blue-team, or security engineering roles.
• Proven expertise with Microsoft Sentinel, Microsoft Defender, Incident management, Compromised recovery, patch management and vulnerability management platform .
• Solid grasp of TCP/IP, Windows/Linux internals, AWS/Azure security primitives.
• Scripting for automation (Python, Bash, or PowerShell).
• Familiarity with MITRE ATTACK mapping and threat-hunting methodology.
• CompTIA Security+, CEH, GRC, CCNA or CCNP - Security.
• Analytical mindset with strong investigation and documentation discipline.
• Clear verbal/written communication for incident briefings and executive reports.
• Ability to multitask and stay calm under pressure.
• Experience with Zero Trust architecture projects.
• Knowledge of privacy regulations (GDPR, HIPAA, PDPA).
• Exposure to DevSecOps .
  
• International team (over 60 nationalities)
  
• 24 working days as annual leave
  
• Annual flight home
  
• Life insurance plan
  
• Medical insurance plan (with the option to upgrade at your own cost)