Information Security Engineer - VAPT Specialist
Company: Tabby
Location: Riyadh, Saudi Arabia
Job Type: Full-time
Job Description
Tabby, a leading fintech company specializing in buy-now-pay-later (BNPL) solutions, is seeking a highly skilled Information Security Engineer specializing in Vulnerability Assessment and Penetration Testing (VAPT) to join its growing team in Riyadh, Saudi Arabia. The selected candidate will be responsible for safeguarding the company's digital infrastructure and ensuring the highest levels of cybersecurity.
As an Information Security Engineer at Tabby, you will be on the front lines of defense against cyber threats, with a specific focus on identifying and exploiting security vulnerabilities before attackers can. You will play a vital role in protecting sensitive customer data and ensuring business continuity.
Key Responsibilities
- Conduct internal and external penetration tests on web applications, mobile applications, and cloud infrastructure.
- Perform comprehensive vulnerability assessments across all company systems.
- Analyze test results and provide detailed reports with actionable remediation recommendations.
- Work closely with development and infrastructure teams to remediate discovered vulnerabilities.
- Develop and improve penetration testing methodologies and tools.
- Stay up-to-date with the latest security threats, attack techniques, and defense tools.
- Contribute to the development of information security policies and procedures.
- Conduct security code reviews when necessary.
- Participate in red team exercises and attack simulations.
Required Qualifications
- Bachelor's degree in Computer Science, Information Security, or a related field.
- Minimum of 3-5 years of experience in information security, with a clear focus on penetration testing and vulnerability assessment.
- Professional certifications such as OSCP, CEH, GPEN, GWAPT, or equivalent are highly desirable.
- Proficiency in using penetration testing tools like Burp Suite, Metasploit, Nmap, Nessus, and Kali Linux.
- Deep understanding of network protocols, operating systems (Windows/Linux), and web technologies.
- Experience in testing web applications and mobile applications (iOS/Android).
- Strong knowledge of security frameworks such as OWASP Top 10 and NIST.
- Excellent report writing and communication skills in English (Arabic is a plus).
- Ability to work independently and as part of a team.
Personal Skills
- Analytical and methodical problem-solving mindset.
- High attention to detail and accuracy.
- Strong work ethic and professional integrity.
- Passion for continuous learning and technical skill development.
- Ability to work under pressure and manage time effectively.
Why Work at Tabby?
Tabby is a fast-growing fintech startup that offers a dynamic and stimulating work environment. You will work with a team of technology and security experts and have the opportunity to tackle complex security challenges at one of the fastest-growing companies in the region.
How to Apply
If you possess the required skills and experience, we encourage you to apply through the link provided in the original job posting. Make sure to update your resume and attach any relevant professional certifications.