Senior Offensive Security Engineer at Arab Bank

Arab Bank Jobs

Job Description

  • Conduct advanced threat simulation and penetration tests (Web, Network, APIs, Mobile, Cloud) across Arab Bank's attack surface, software changes, and digital products.
  • Conduct internal and external red team activities and assess the effectiveness of security controls.
  • Perform security code reviews, fuzzing, reverse engineering and penetration tests from a white-box perspective.
  • Develop security tools and proofs of concept for vulnerabilities.
  • Provide recommendations and guidance on security best practices to fix vulnerabilities and enhance security posture.
  • Work closely with cross-functional teams (Engineering, DevOps, DevSecOps, Risk) to discover and address security vulnerabilities.

Job Requirements

  • Degree from a recognized university in Computer Engineering, Computer Science or equivalent.
  • Holding any of the following industry certifications: OSWE, OSCE3, OSCP, GXPN, CRTO.
  • 5+ years of experience conducting offensive security testing (red teaming, purple teaming, threat intel, penetration testing).
  • Good experience in work-related communication in a fast-paced, dynamic environment.

Technical Competencies

  • Senior penetration tester, preferably with a software development background.
  • Recognition in public bug bounty programs and halls of fame, registered public vulnerabilities (CVEs), or contributions to the public security community through research, blogging, or open source development.
  • Experience conducting advanced penetration testing exercises (web applications, mobile applications, APIs, and cloud).
  • Experience in developing cybersecurity testing tools and in exploit development.
  • Experience in cloud security testing (GCP, AWS, Azure).
  • Proficiency with one or more programming languages and MVC, preferably: Java, Spring Boot, JavaScript, PHP, C/C++, Python, Go, etc.
  • Ability to conduct manual source code review and white-box security testing. Familiarity with related tools such as CodeQL.
  • Experience emulating advanced adversarial tactics, techniques and procedures (TTPs).
  • Familiarity with public security standards and testing methodologies: OWASP Top 10 for Mobile, Web and API, OWASP Application Security Verification Standard (ASVS), MITRE ATT&CK, etc.
  • Proficiency in performing advanced mobile application assessments (iOS/Android) and assessing mobile security controls and backend APIs.
