At IBM, we believe cybersecurity is at the core of our clients' digital transformation journeys. Our Penetration Testing team is committed to proactively identifying and mitigating security risks in both on-premises and cloud-based environments. We are looking for a highly skilled Senior Offensive Security Consultant to join our cybersecurity services team. If you are passionate about offensive security, thrive in red teaming scenarios, and have a proven track record in vulnerability research or bug bounties, we’d love to hear from you!
Your Role and Responsibilities:
- Lead and execute advanced security testing and red teaming engagements to simulate real-world adversary tactics.
- Develop, test, and deploy offensive tools and techniques.
- Collaborate with blue teams to identify and strengthen weaknesses across systems and applications.
- Conduct adversary emulation and threat modeling to improve detection and response capabilities.
- Research and stay ahead of emerging threats, vulnerabilities, and attack vectors.
- Deliver comprehensive reports and presentations in both English and Arabic to clients and internal stakeholders.
Required Technical and Professional Expertise:
- Technical Knowledge: Proficient in penetration testing methodologies (OWASP, NIST, PTES), network security protocols, with a deep understanding of web application security and network vulnerabilities.
- Tools Expertise: Familiarity with penetration testing tools such as Burp Suite, Metasploit, Nessus, Nmap, and Wireshark.
- Programming & Scripting Skills: Experience with scripting languages (e.g., Python, Bash, PowerShell, or Ruby) to automate tasks or develop custom exploits.
- Experience in Exploit Development: Ability to identify and exploit vulnerabilities across different platforms and services (Windows, Linux, macOS, Web Applications, Cloud, etc.).
- Risk Management: Ability to prioritize vulnerabilities based on risk to business operations and present findings to technical and non-technical stakeholders.
- Certifications: Industry-recognized certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), or GIAC Penetration Tester (GPEN) are highly desirable.
- Communication Skills: Strong written and verbal communication skills to clearly articulate technical issues and findings to diverse audiences, including executives, IT teams, and developers.
Required Qualifications:
- Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field, or equivalent work experience.
- 3+ years of professional experience in penetration testing, ethical hacking, or cybersecurity assessments.
- Hands-on experience with different attack techniques, threat modeling, and vulnerability assessment tools.
Location: Dubai, Dubai, United Arab Emirates
Work Conditions: Hybrid, Full-time
