Penetration Tester – Associate/Consultant/Senior/SME (Onsite)(Job code DXB_160424_2)

Job Title: Penetration Tester / Offensive Security Consultant (Associate / Consultant / Senior / SME)
Company: NetSentries
Location: Dubai, Abu Dhabi – UAE
Employment Type: FULL_TIME

NetSentries is seeking skilled Penetration Testers and Offensive Security Consultants to join our dynamic Service Delivery team. This role offers the opportunity to work with large global enterprises, supporting their security assurance validation requirements. Candidates will thrive in a fast-paced, technology-driven environment, gaining exposure to cutting-edge security tools, techniques, and challenging client scenarios.

Key Responsibilities:

• Conduct intelligence-driven security assessments on internet-facing web applications.

• Perform security testing on internal and external software applications/services, including APIs (REST/SOAP/GraphQL), ESB, Middleware, and other integration channels.

• Execute penetration tests on public and private network infrastructure assets.

• Conduct code-aware penetration testing and security evaluation of iOS/Android mobile applications.

• Assess wireless networks and operational technology (OT) components.

• Evaluate cloud environments (AWS, Azure, GCP, or others) using automated tools, custom scripts, and configuration audits.

• Carry out internal and external adversary emulations, including Active Directory red teaming.

• Develop testing scripts, methodologies, and pre-engagement questionnaires for comprehensive assessments.

• Document and present technical findings and executive reports with actionable recommendations.

• Define penetration testing strategies and test cases for complex enterprise applications.

• Thoroughly document exploit chains and proof-of-concept scenarios for client use.

Required Skills & Experience:

• 3–6 years of relevant work experience; role level (Associate, Consultant, Senior, SME) will be determined based on expertise.

• Strong ability to work independently, prioritize tasks, and deliver methodically.

• Excellent written and verbal English communication skills, capable of presenting complex technical topics clearly.

• Proficient in manual and automated network security assessments using both open-source and commercial tools across various operating systems, networks, applications, and security devices.

• Hands-on knowledge of current attack techniques, penetration testing methods, and hacking tools, especially for web applications.

• Deep understanding of common software vulnerabilities, including OWASP Top 10 and CWE/SANS Top 25.

• Experience with tools such as Kali Linux, Metasploit, Nexpose, Nmap, Burp Suite, Paros, Nessus, AppScan, Core Impact, among others.

• Programming experience in Python, PHP, Perl, Ruby, .NET, or other interpreted/compiled languages.

• Familiarity with reverse engineering, exploit development, and mobile or industrial control systems is a plus.

• Security certifications like OSCP, OSWE, OSEP, OSCE, or CRTP are desirable.

• Adaptability to work in a dynamic international team with strong customer focus.

• Willingness to travel extensively, both domestically and internationally.

• Continuous learning mindset and eagerness to share knowledge.

Preferred Skills / Soft Skills:

• Analytical and problem-solving skills with attention to detail.

• Ability to moderate discussions, lead meetings, and act as a trusted technical advisor.

• Collaborative mindset with a strong orientation toward achieving results.

Benefits / Perks:

• Exposure to global enterprises and cutting-edge security projects.

• Opportunities for career growth and skill development in offensive security.

• Collaborative, international, and technology-driven work environment.

• Chance to work on diverse client environments across multiple industries.

NetSentries is a leading Enterprise Cyber Security Assessor for global banks and Forbes 2000 companies across four continents, delivering actionable insights to strengthen defensive capabilities and reduce cyber risk.