41 Security Assessment jobs in the United Arab Emirates

Join to apply for the Security Consultant – WAF, Proxy, DLP, VAPT, and Digital Security Assessment role at Dicetek LLC

Join to apply for the Security Consultant – WAF, Proxy, DLP, VAPT, and Digital Security Assessment role at Dicetek LLC

Get AI-powered advice on this job and more exclusive features.

Job Title: Security Consultant – WAF, Proxy, DLP, VAPT, and Digital Security Assessment
Location: Dubai
Job Type: Contract
Reports to: Security Lead / Digital Security Manager
Job Summary
We are seeking a skilled Security Consultant to lead and coordinate critical security assessments and projects, bringing expertise in Web Application Firewalls (WAF), Proxies, Data Loss Prevention (DLP), Vulnerability Assessment and Penetration Testing (VAPT), and internal security assessments for both web and mobile applications. The ideal candidate will collaborate closely with internal teams and stakeholders to ensure the security and compliance of our digital assets, utilizing Forcepoint for Proxy and DLP, and F5 for WAF.
Key Responsibilities

• WAF Implementation and Management
• Oversee the configuration and management of F5 Web Application Firewalls (WAF) to protect digital assets.
• Perform regular reviews and updates of WAF policies and rules based on evolving threats and application changes.
• Collaborate with development and IT teams to resolve false positives and optimize WAF performance.
• Proxy Management
• Implement and manage Forcepoint Proxy to control and monitor web traffic.
• Regularly assess proxy configurations to ensure adherence to security policies and prevent unauthorized access.
• Collaborate with IT to troubleshoot proxy-related issues and optimize performance.
• Data Loss Prevention (DLP)
• Utilize Forcepoint DLP to implement data protection strategies and prevent data leaks.
• Conduct risk assessments to identify data loss vectors and implement controls.
• Develop data classification and handling guidelines with relevant departments.
• Vulnerability Assessment and Penetration Testing (VAPT) Coordination
• Plan, coordinate, and conduct regular VAPT activities for web and mobile applications.
• Analyze findings from VAPT and provide actionable recommendations for risk mitigation.
• Engage third-party security vendors when necessary and ensure testing aligns with industry best practices.
• Internal Security Assessments
• Conduct security assessments and audits on internal applications and systems, especially in the digital domain.
• Develop assessment plans, perform risk analysis, and provide clear reporting on assessment results and remediation plans.
• Compliance and Documentation
• Ensure compliance with industry standards, regulations, and internal policies.
• Document security processes, incident responses, and findings from assessments and tests.
• Maintain updated records of digital security protocols and practices.
• Collaboration and Stakeholder Management
• Work with IT, development, legal, and compliance teams to implement and monitor security controls.
• Serve as the primary point of contact for coordinating security assessments with stakeholders.
• Conduct training and awareness sessions on security best practices for relevant stakeholders.
  

• Educational Background: Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field. Relevant certifications (e.g., CEH, OSCP) are preferred.
• Experience:
• 5+ years of experience in cybersecurity, specifically in WAF, Proxy, DLP, VAPT, and security assessments for web and mobile applications.
• Proven track record in coordinating VAPT activities and managing third-party security vendors.
• Technical Skills:
• Experience with Forcepoint Proxy and DLP, F5 WAF, and VAPT tools (e.g., Burp Suite, OWASP ZAP).
• Familiarity with security standards and frameworks (e.g., OWASP, ISO 27001, PCI-DSS).
• Understanding of vulnerability scanning, risk assessment methodologies, and secure coding practices.
• Optional: Knowledge of DevSecOps practices and tools is a plus.
• Soft Skills:
• Strong communication and coordination skills to work effectively across departments.
• Analytical mindset and problem-solving abilities.
• Ability to document findings and communicate in both technical and non-technical terms.
  

• Certifications: CEH, OSCP, or other relevant security certifications.
• Industry Experience: Prior experience in digital security assessment within financial, retail, or healthcare industries.

• Seniority levelNot Applicable

• Employment typeContract

• Job functionInformation Technology
• IndustriesIT Services and IT Consulting

Referrals increase your chances of interviewing at Dicetek LLC by 2x

Get notified about new Security Consultant jobs in Dubai, Dubai, United Arab Emirates.

Dubai, Dubai, United Arab Emirates 1 year ago

Ajman, Ajman Emirate, United Arab Emirates 5 months ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Security Threat Assessment & Compliance Specialist

Netsentries is a leading provider of comprehensive cybersecurity solutions, dedicated to safeguarding organizations against evolving cyber threats. We are committed to ensuring the security and integrity of our clients' operations, systems, and data. As part of our dedication to maintaining high standards of security, we are seeking a talented and experienced Security Threat Assessment & Compliance Specialist to join our team.

As a Security Threat Assessment & Compliance Specialist, you will play a critical role in enhancing our clients' cyber readiness and ensuring compliance with relevant regulations and standards. You will be responsible for conducting thorough security assessments, identifying vulnerabilities, and implementing effective remediation measures. Additionally, you will oversee compliance initiatives and ensure that our clients' security practices align with industry best practices and regulatory requirements.

Responsibilities:

• Conduct comprehensive security assessments of client systems, networks, and applications to identify potential vulnerabilities and risks.
• Develop and implement security policies, procedures, and controls to mitigate identified risks and enhance overall security posture.
• Collect open-source intelligence on threats and vulnerabilities applicable to client technology stack.
• Participate in event planning stages to develop cyber assessment plans and conduct assessment tests against client installations and controls.
• Ensure threat controls and systems are reviewed for appropriate, effective, and optimal configuration.
• Identify and track IT risks and gaps and collaborate with clients on remediation activities.
• Responsible for threat activity reporting and insight on client IT technology assets.
• Manage ad-hoc review and reporting requests from stakeholders.
• Research and implement new technologies and processes to enhance security maturity.
• Build lasting relationships with clients and stakeholders to influence remediation efforts and garner support for investments in information security.

Requirements:

• Bachelor's or Master's degree in Computer Science, Mathematics, or equivalent discipline.
• Certifications such as CISSP, OSCP, OSCE, CREST, GPEN, SANS GWAPT preferred.
• 3-5 years of experience in technical cybersecurity.
• Proficiency in scripting languages such as Bash, Perl, Python, or R.
• Experience with machine learning frameworks and code development.
• Knowledge of malware scanning tools and threat modeling frameworks.
• Familiarity with security scanning solutions such as Tenable Security Center, Qualys, etc.
• Strong technical, managerial, and interpersonal skills.
• Ability to think analytically, communicate effectively, and work collaboratively in a team environment.

Benefits:

• Competitive salary and benefits package
• Opportunities for professional development and advancement
• Flexible work environment
• Dynamic and collaborative company culture

If you are passionate about cybersecurity and compliance and are looking for an opportunity to make a meaningful impact, we encourage you to apply for the position of Security Threat Assessment & Compliance Specialist at Netsentries. Join us in our mission to protect organizations from cyber threats and ensure compliance with regulatory requirements. Apply now!

• Conduct comprehensive security assessments of client systems, networks, and applications to identify potential vulnerabilities and risks.
• Develop and implement security policies, procedures, and controls to mitigate identified risks and enhance overall security posture.
• Collect open-source intelligence on threats and vulnerabilities applicable to client technology stack.
• Participate in event planning stages to develop cyber assessment plans and conduct assessment tests against client installations and controls.
• Ensure threat controls and systems are reviewed for appropriate, effective, and optimal configuration.
• Identify and track IT risks and gaps and collaborate with clients on remediation activities.
• Responsible for threat activity reporting and insight on client IT technology assets.
• Manage ad-hoc review and reporting requests from stakeholders.
• Research and implement new technologies and processes to enhance security maturity.
• Build lasting relationships with clients and stakeholders to influence remediation efforts and garner support for investments in information security.

• Bachelor's or Master's degree in Computer Science, Mathematics, or equivalent discipline.
• Certifications such as CISSP, OSCP, OSCE, CREST, GPEN, SANS GWAPT preferred.
• 3-5 years of experience in technical cybersecurity.
• Proficiency in scripting languages such as Bash, Perl, Python, or R.
• Experience with machine learning frameworks and code development.
• Knowledge of malware scanning tools and threat modeling frameworks.
• Familiarity with security scanning solutions such as Tenable Security Center, Qualys, etc.
• Strong technical, managerial, and interpersonal skills.
• Ability to think analytically, communicate effectively, and work collaboratively in a team environment.

• Competitive salary and benefits package
• Opportunities for professional development and advancement
• Flexible work environment
• Dynamic and collaborative company culture

As an IT Security & Compliance specialist at BlackStone eIT, you will be responsible for ensuring the security of our information systems and compliance with regulatory requirements. Your expertise will help safeguard sensitive data and protect our IT infrastructure against potential threats while ensuring adherence to legal and industry standards.

Key Responsibilities :

• Develop, implement, and maintain security policies, procedures, and compliance frameworks to ensure the protection of organizational data and IT assets.
• Conduct regular security assessments and audits to identify vulnerabilities and compliance gaps.
• Monitor and analyze security incidents, ensuring timely response and resolution.
• Collaborate with cross-functional teams to promote security best practices and ensure compliance with relevant regulations.
• Provide training and awareness programs to staff on security practices and regulatory requirements.
• Stay updated on the latest trends in IT security and compliance to continuously improve our practices.
• Prepare and present reports on compliance status and security incidents to management.
• Assist in incident response planning and execution.
• Work closely with legal and regulatory bodies to ensure compliance with applicable laws.

Requirements

• Bachelor's degree in Cybersecurity, Information Technology, or a related field.
• Minimum of 3-5 years of experience in IT security and compliance roles.
• Strong knowledge of information security policies, compliance frameworks (such as ISO 27001, NIST, GDPR), and risk management processes.
• Experience with security tools and technologies, such as firewalls, intrusion detection systems, and SIEM.
• Understanding of IT governance practices and regulatory requirements.
• Excellent analytical and problem-solving skills.
• Strong communication skills, with the ability to articulate technical issues to non-technical audiences.
• CISSP, CISM, or similar certification is preferred.
• Ability to work independently and manage multiple projects effectively.
• Detail-oriented with strong organizational skills.

This role involves overseeing the daily security operations of security solutions, conducting compliance audits, and ensuring adherence to regulatory standards such as UAE IA and PCI-DSS.

The ideal candidate will have experience in vulnerability management, malware protection, data security, web application security, and network security. They will also be responsible for conducting technology risk assessments, ensuring system/application/OS hardening requirements, and coordinating with vendors to resolve technical issues on time.

• Oversee day-to-day security operations of security solutions.
• Conduct/comply with compliance audits.
• Ensure adherence to regulatory standards.
• Conduct technology risk assessments.
• Ensure system/application/OS hardening requirements.
• Coordinate with vendors to resolve technical issues.

Mandatory Technical Skills:

• Strong understanding of OSI layers and protective technologies.
• Experience in certificate lifecycle management.
• Excellent troubleshooting skills.
• Experience in conducting/coordinating penetration testing and remediation.
• Hands-on experience with minimum of 3 technologies: Cisco WSA, F5 AWAF, Imperva DAM, Forcepoint DLP, CyberArk, Luna HSM, Opswat, Extrahop NDR.

Optional Technical Skills:

• AV, EDR, Bolden James Classifierer, Cisco ESA, NNT FIM, IAM, Tenable, Netsparker.

Mandatory Soft Skills:

• Effective communication skills, both verbal and written.
• Strong sense of accountability.
• Willingness to adopt and learn new technologies and solutions.

This role requires a strong commitment to maintaining the highest level of security and compliance standards.

As a member of our team, you will have access to ongoing training and development opportunities, a collaborative work environment, and the chance to work on challenging projects that contribute to the growth and success of the company.

Abu Dhabi, United Arab Emirates | Posted on 08/21/2024

Job Description: Senior Specialist in Application and System Penetration Testing

Position Overview:
ValueMentor is seeking a highly skilled and experienced Senior Specialist in Application and System Penetration Testing to join our Cybersecurity team. This role is crucial in identifying and mitigating security vulnerabilities in web and mobile applications, as well as in system infrastructure. The successful candidate will have a strong background in both application and system penetration testing, with a proven ability to uncover security flaws and recommend effective remediation strategies.

Key Responsibilities:

1. Penetration Testing:
   Conduct comprehensive penetration tests on web and mobile applications to identify security vulnerabilities and weaknesses.
2. Perform system penetration testing on various platforms including Windows, Linux, and network devices.
3. Utilize industry-standard penetration testing tools and methodologies to uncover security flaws.
4. Vulnerability Identification and Exploitation:
   Identify and exploit vulnerabilities in applications and systems, including but not limited to Injection, authentication and authorization issues, and buffer overflows.
5. Simulate advanced persistent threats (APTs) and other sophisticated attack scenarios.
6. Tool Management and Development:
   Configure, manage, and optimize penetration testing tools such as Burp Suite, Metasploit, Nmap, and others.
7. Develop custom scripts and tools to enhance penetration testing capabilities.
8. Documentation and Reporting:
   Create detailed and comprehensive reports of penetration testing findings.
9. Document identified vulnerabilities, exploitation techniques, and provide actionable recommendations for remediation.
10. Maintain records of penetration tests, including methodologies, tools used, and remediation efforts.
11. Compliance and Standards:
    Ensure all penetration tests adhere to relevant industry standards, regulations, and compliance requirements.
12. Assist in the development and maintenance of security policies and procedures related to penetration testing.

Qualifications:

1. Bachelor’s degree in computer science, Information Security, or a related field.
2. Minimum of 5 years of experience in penetration testing, application security, or a related discipline.
3. Proficiency in penetration testing tools such as Burp Suite, Metasploit, Nmap, OWASP ZAP, etc.
4. Strong understanding of web and mobile application security, Azure environment including common vulnerabilities and attack vectors.
5. Experience with system penetration testing on various platforms including Windows and Linux.
6. Excellent analytical, problem-solving, and communication skills.
7. Relevant certifications such as OSCP, OSWE, OSEP, OSED are preferred.
8. Active participation in CTF and bug bounty are preferred.

Skills and Competencies:

1. Expertise in both application and system penetration testing methodologies and tools.
2. Strong understanding of secure coding principles and application security best practices.
3. Excellent technical writing skills for clear and concise documentation.
4. Ability to work independently and as part of a team in a fast-paced environment.
5. Knowledge of programming and scripting languages (e.g., Python, Java, Bash) is a plus.

Abu Dhabi, United Arab Emirates | Posted on 08/21/2024

Job Description: Senior Specialist in Application and System Penetration Testing

Position Overview:
ValueMentor is seeking a highly skilled and experienced Senior Specialist in Application and System Penetration Testing to join our Cybersecurity team. This role is crucial in identifying and mitigating security vulnerabilities in web and mobile applications, as well as in system infrastructure. The successful candidate will have a strong background in both application and system penetration testing, with a proven ability to uncover security flaws and recommend effective remediation strategies.

Key Responsibilities:

• Penetration Testing:
  Conduct comprehensive penetration tests on web and mobile applications to identify security vulnerabilities and weaknesses.
• Perform system penetration testing on various platforms including Windows, Linux, and network devices.
• Utilize industry-standard penetration testing tools and methodologies to uncover security flaws.
• Vulnerability Identification and Exploitation:
  Identify and exploit vulnerabilities in applications and systems, including but not limited to Injection, authentication and authorization issues, and buffer overflows.
• Simulate advanced persistent threats (APTs) and other sophisticated attack scenarios.
• Tool Management and Development:
  Configure, manage, and optimize penetration testing tools such as Burp Suite, Metasploit, Nmap, and others.
• Develop custom scripts and tools to enhance penetration testing capabilities.
• Documentation and Reporting:
  Create detailed and comprehensive reports of penetration testing findings.
• Document identified vulnerabilities, exploitation techniques, and provide actionable recommendations for remediation.
• Maintain records of penetration tests, including methodologies, tools used, and remediation efforts.
• Compliance and Standards:
  Ensure all penetration tests adhere to relevant industry standards, regulations, and compliance requirements.
• Assist in the development and maintenance of security policies and procedures related to penetration testing.

Qualifications:

• Bachelor’s degree in computer science, Information Security, or a related field.
• Minimum of 5 years of experience in penetration testing, application security, or a related discipline.
• Proficiency in penetration testing tools such as Burp Suite, Metasploit, Nmap, OWASP ZAP, etc.
• Strong understanding of web and mobile application security, Azure environment including common vulnerabilities and attack vectors.
• Experience with system penetration testing on various platforms including Windows and Linux.
• Excellent analytical, problem-solving, and communication skills.
• Relevant certifications such as OSCP, OSWE, OSEP, OSED are preferred.
• Active participation in CTF and bug bounty are preferred.

Skills and Competencies:

• Expertise in both application and system penetration testing methodologies and tools.
• Strong understanding of secure coding principles and application security best practices.
• Excellent technical writing skills for clear and concise documentation.
• Ability to work independently and as part of a team in a fast-paced environment.
• Knowledge of programming and scripting languages (e.g., Python, Java, Bash) is a plus.

About us

Are you excited by FinTech and ready to make a real impact in a fast-moving company where your choices drive change? Altery might be your next big adventure!

We are seeking an IT and security compliance manager who will be responsible for developing, maintaining, and updating comprehensive documentation related to the organisation’s IT systems and cybersecurity policies.

This role involves translating complex technical information into clear, user-friendly content for both technical and non-technical audiences. The Technical Writer will collaborate closely with IT, cybersecurity, and compliance teams to ensure that all documentation is accurate, up-to-date, and aligned with industry standards and regulatory requirements.

Key deliverables include technical guides, user manuals, policies, procedures, and training materials that support the organisation’s overall IT and cybersecurity strategy.

What you will be doing:

• Support and development of documentation.
• IT and IS risk management.
• Ensuring compliance with regulatory and statutory requirements.
• Organising and conducting internal and external audits.
• Conducting Due Diligence procedures of both company partners and participating in similar audits by partners as a technical expert with preparation of necessary documentation. Carrying out regular evaluations.
• Preparation of internal monthly reports of the division.

What you’ll bring to us:

• Experience in developing IT and IS organisational and administrative documents (policies, standards, regulations) in the financial/banking sector in English.
• Knowledge and understanding of key IS requirements and best practices in the financial sector.
• Familiarity with European and international IT and IS legislation, conducting audits, gap analyses and compliance with national and international IS standards.
• Proficiency in modern IT technologies, operating systems, database management systems.
• Knowing the architecture of modern information systems.
• Awareness of the main means and systems of information protection and current IS threats, vulnerabilities and attacks on information systems.

Our offer

• Team and our Product: We are team players and we are passionate about our product and understand what we aim to achieve and the impact it will make.
• Growth Opportunities : You can Influence and shape our story while advancing your career.
• Flexibility: We always listen to our people and can be flexible with arrangements.
• Hybrid Working: We don’t expect you to be in the office every day.
• Local Market Perks: Enjoy insurance coverage, local perks, and beautiful offices.

Why to join us

We may not be perfect, but our strength lies in our resilience. Facing challenges with our expertise, positive attitude, and a supportive environment where everyone relies on one another gives us confidence in what we do. We empower our people to make decisions, explore, and experiment — micromanagement isn’t our style. We reward those who take on additional responsibilities and go the extra mile.

We are proud of how diverse and unique we are. We thrive on diverse views, love learning from one another, and believe that our differences fuel our curiosity.

About us

Are you excited by FinTech and ready to make a real impact in a fast-moving company where your choices drive change? Altery might be your next big adventure!

We are seeking an IT and security compliance manager who will be responsible for developing, maintaining, and updating comprehensive documentation related to the organisation’s IT systems and cybersecurity policies.

This role involves translating complex technical information into clear, user-friendly content for both technical and non-technical audiences. The Technical Writer will collaborate closely with IT, cybersecurity, and compliance teams to ensure that all documentation is accurate, up-to-date, and aligned with industry standards and regulatory requirements.

Key deliverables include technical guides, user manuals, policies, procedures, and training materials that support the organisation’s overall IT and cybersecurity strategy.

What you will be doing:

• Support and development of documentation.
• IT and IS risk management.
• Ensuring compliance with regulatory and statutory requirements.
• Organising and conducting internal and external audits.
• Conducting Due Diligence procedures of both company partners and participating in similar audits by partners as a technical expert with preparation of necessary documentation. Carrying out regular evaluations.
• Preparation of internal monthly reports of the division.

What you’ll bring to us:

• Experience in developing IT and IS organisational and administrative documents (policies, standards, regulations) in the financial/banking sector in English.
• Knowledge and understanding of key IS requirements and best practices in the financial sector.
• Familiarity with European and international IT and IS legislation, conducting audits, gap analyses and compliance with national and international IS standards.
• Proficiency in modern IT technologies, operating systems, database management systems.
• Knowing the architecture of modern information systems.
• Awareness of the main means and systems of information protection and current IS threats, vulnerabilities and attacks on information systems.

Our offer

• Team and our Product: We are team players and we are passionate about our product and understand what we aim to achieve and the impact it will make.
• Growth Opportunities: You can Influence and shape our story while advancing your career.
• Flexibility: We always listen to our people and can be flexible with arrangements.
• Hybrid Working: We don’t expect you to be in the office every day.
• Local Market Perks: Enjoy insurance coverage, local perks, and beautiful offices.

Why to join us

We may not be perfect, but our strength lies in our resilience. Facing challenges with our expertise, positive attitude, and a supportive environment where everyone relies on one another gives us confidence in what we do. We empower our people to make decisions, explore, and experiment — micromanagement isn’t our style. We reward those who take on additional responsibilities and go the extra mile.

We are proud of how diverse and unique we are. We thrive on diverse views, love learning from one another, and believe that our differences fuel our curiosity.