Senior Penetration Tester (Managed Services) Job in Riyadh

The dynamic job market in the Kingdom of Saudi Arabia, particularly in the capital city of Riyadh, is focused on strengthening its digital security infrastructure. This has created a critical demand for highly skilled cybersecurity professionals. This position offers a pivotal opportunity for a Senior Penetration Tester to join a specialized team operating within a Managed Services model, placing you at the forefront of defending clients' critical infrastructure against evolving cyber threats.

Job Description & Key Responsibilities

The successful candidate will occupy a strategic role, responsible for designing, executing, and evaluating comprehensive penetration testing campaigns. The mission extends beyond vulnerability discovery to providing deep, actionable insights for improving clients' security posture. In a managed services environment, your core responsibilities will include:

• Planning & Executing Penetration Tests: Conducting systematic and thorough security assessments of client systems, encompassing web applications, networks, cloud infrastructure, and potentially Industrial Control Systems (ICS/SCADA), following standard frameworks like OWASP, PTES, and NIST.
• Threat Modeling & Vulnerability Analysis: Identifying, assessing, and analyzing security vulnerabilities, understanding their context and potential impact on the client's business operations.
• Detailed Reporting & Presentation: Clearly documenting technical findings in reports that summarize risks, provide Proof of Concept (PoC), and recommend practical, time-bound remediation actions. You will also professionally present these findings to the client's team and management.
• Consultative Support & Guidance: Acting as an internal expert consultant for the managed services team and clients, clarifying security risks and assisting them in prioritizing remediation efforts.
• Research & Development: Staying abreast of the latest technologies, testing tools, and attack/defense methodologies in the cybersecurity landscape.
• Compliance & Standards: Ensuring all testing activities are performed according to the highest ethical standards, confidentiality agreements, and relevant legal and regulatory frameworks.

Qualifications & Essential Requirements

To be a successful candidate for this specialized role, you should meet the following criteria:

• Proven Experience: A minimum of 5 years of demonstrated experience in penetration testing and cybersecurity, with hands-on experience working within a Managed Services environment (e.g., for a Managed Security Service Provider - MSSP) or an internal IT services department offering similar services.
• Professional Certifications: Holding globally recognized certifications will significantly strengthen your application, such as:
  • OSCP (Offensive Security Certified Professional) - Highly preferred.
  • GPEN, GWAPT, or GXPN from SANS.
  • CEH (Certified Ethical Hacker).
  • Other advanced certifications like OSCE or OSEE.
• Advanced Technical Skills:
  • Deep proficiency with penetration testing tools (e.g., Metasploit, Burp Suite Pro, Cobalt Strike, Nmap).
  • Strong understanding of operating systems (Linux/Windows), networking, and protocols.
  • Experience in testing web and mobile (iOS/Android) applications.
  • Knowledge of wireless network security and social engineering.
  • Ability to script/write simple tools (using Python, Bash, or PowerShell) for task automation.
• Personal Skills:
  • Exceptional written and verbal communication skills, with the ability to explain complex technical issues to non-technical stakeholders.
  • Critical thinking and complex problem-solving abilities.
  • Ability to work independently and as part of a team.
  • High ethical integrity and strict confidentiality.

Work Environment & Location

You will be based at the company's offices in Riyadh, Kingdom of Saudi Arabia. Riyadh is a thriving economic and technological hub, investing heavily in digital transformation and cybersecurity as part of the Saudi Vision 2030. This environment offers diverse professional challenges and genuine opportunities for growth and impact on large-scale projects.

How to Apply for This Position

Applications for this role are processed through the regional job portal Naukrigulf. Interested candidates are advised to prepare the following:

1. Update your Curriculum Vitae (CV) comprehensively, highlighting specific experiences in penetration testing within a managed services scope, notable projects, and certifications obtained.
2. Prepare a concise Cover Letter explaining your interest in the role and how your experience aligns with the requirements of a managed services environment in Riyadh.
3. Search for the job listing titled "Senior Penetration Tester jobs in Managed Services in Riyadh" on the Naukrigulf website and submit your application through the official link provided.

This position represents an excellent career move for a security professional seeking a technical leadership role in a fast-growing and challenging market, where your work has a direct impact on securing leading organizations in the region.