Senior Cybersecurity Red Team Engineer

Job Description

 Conduct penetration testing and adversary simulation activities, including but not limited to:

• Network penetration testing
• Web application penetration testing
• Mobile application security testing
• Red team operations
  
  

 Simulate real-world cyberattacks to identify vulnerabilities in organizational systems.

 Develop and implement risk mitigation strategies to strengthen security posture.

 Review and provide guidance on the effectiveness and efficiency of security testing methodologies.

 Prepare clear, impactful reports with strategic, tactical, and technical recommendations.

 Present findings to stakeholders, ensuring a clear understanding of security risks and recommendations.

 Participate in exploit research and proof-of-concept (PoC) development.

 Contribute to the development of internal red team tools and cybersecurity testing frameworks.

 Create and maintain cybersecurity penetration testing playbooks and simulation guides.

 Provide mentorship and guidance to new red team members.

 Report on progress, achievements, challenges, and requirements to the Red Team Lead.

 Assess and monitor the organization's cybersecurity posture, ensuring best security practices are tested and applied effectively.

Qualifications And Requirements

Education & Certification:

 Bachelor’s degree in Cybersecurity, Information Security, Computer Science, or a related field.

 Professional certifications as OSCP, eWAPT, eWAPTX, SANS 506 corresponding certification, SANS 660 corresponding certification, CRTO, CRTP, CRTE, or CPTS.

Experience

 04 - 06 years of experience in penetration testing, red teaming, or ethical hacking roles.

 Saudi nationality is a must.

 Strong hands-on experience in network, web, and mobile penetration testing techniques.

 Experience with attack simulation frameworks, including MITRE ATT&CK, adversary emulation, and custom tool development.

 Knowledge of exploit development, scripting, and security research.

 Experience using penetration testing tools such as Burp Suite, Metasploit, Cobalt Strike, BloodHound, Empire, or similar frameworks.

 Familiarity with active directory security assessments and cloud security testing.

Technical Skills

 Proficiency in scripting languages such as Python, PowerShell, Bash, or Ruby.

 Ability to develop proof-of-concept exploits and modify existing attack techniques.

 Strong report-writing and communication skills, capable of explaining complex security issues to technical and non-technical audiences.

 Ability to work independently and within a team to conduct red team assessments.

 Strong analytical, problem-solving, and critical-thinking skills.

 Fluency in Arabic and English