Offensive Security Engineer

This role supports Cybersecurity practices, with direct alignment to client-facing penetration testing services across the Middle East and global markets. The engineer will contribute to traditional and AI-enabled penetration testing offerings, including application, API, network, cloud, and emerging LLM testing. The role is delivery-focused, highly client-facing, and supports company's differentiated approach combining automation with senior manual expertise.Primary ResponsibilitiesDeliver web application, API, and mobile application penetration tests aligned to OWASP Top 10 and PTESConduct internal and external network penetration testing and cloud security assessments (Azure, Microsoft 365, AWS, GCP)Support company's AI-enabled penetration testing model, validating automated findings and performing deep manual exploitationPerform LLM and GenAI security assessments as part of company's advanced offensive offeringsProduce executive-ready reports and lead client readouts with clear remediation guidanceCollaborate with vCISO, IR, and advisory teams to support broader client security programsSuccess Metrics (First 90 Days)Independently deliver scoped penetration tests across at least two service lines (application, network, or cloud)Lead client debriefs and clearly articulate risk and remediation to technical and executive stakeholdersDemonstrate proficiency in company reporting standards and toolingContribute improvements to testing playbooks or automation workflowsRequired Technical SkillsStrong application security testing experience (web, API, authentication flows)Proficiency with Burp Suite and API testing tools (Postman/Insomnia)Solid Linux expertise and comfort operating in mixed OS environmentsScripting capability in Python, Bash, or PowerShellUnderstanding of network protocols, exploitation paths, and cloud attack surfacesNice‑to‑Have / Senior‑Level CapabilitiesExperience with Red Team or Purple Team engagementsFamiliarity with MITRE ATT&CK and modern detection tooling (EDR/XDR)Cloud penetration testing depth (Azure and Microsoft 365 strongly preferred)Prior consulting or client-facing security experienceWorking Style & ValuesHigh integrity and discretion when handling sensitive client environmentsStrong written communication and attention to detailComfortable operating autonomously while collaborating with a global teamContinuous learner with a passion for offensive securityCertifications (Optional)OSCP, OSWA, CRTO, PNPT, or equivalent offensive security certifications are valued but not required.#J-18808-Ljbffr