Find The RightJob.
Penetration Tester
Evolvice is a nearshore technology services provider that helps businesses scale, innovate, and enhance efficiency. Since 2012, we’ve been developing software solutions and building high-performing remote teams. Today, we focus on integrating AI into business processes and providing IT and security support to drive digital transformation.
Originally based in Germany, we have established development hubs in Egypt, Ukraine, and Portugal and offices in Saudi Arabia. This international presence enables us to deliver high-quality, cost-effective solutions worldwide.
Our Services:
- Nearshore Teams – Build and scale remote teams of any size with expert engineers.
- AI-Powered Business Productivity – Leverage AI-driven software solutions to boost efficiency.
- Cybersecurity – Safeguard your business with advanced security assessments and services.
- Managed IT & Application Support – Ensure seamless operations with proactive IT management and support.
We’re proud to work with industry leaders like Bosch, Douglas, WTS, DHL, Tatweer, and GOSI, and many others. Combining German precision with nearshore agility, we provide secure, scalable, and cost-effective IT solutions tailored to your business needs.
Now we are looking for a VAPT consultant for our client.
Key Responsibilities:
- Provide continuous on-site professional cybersecurity services at the Authority’s headquarters.
- Commitment to daily on-site attendance and work at the Authority’s premises; remote work is not permitted.
- The contractor must have proven hands-on experience in penetration testing and the areas specified within the project scope.
- The contractor must hold relevant professional certifications in the field, such as OffSec, SANS, or equivalent.
- Experience in Web Application Penetration Testing.
- Experience in Network and Infrastructure Penetration Testing.
- Ability to perform Vulnerability Assessments using specialized security tools.
- Ability to conduct Secure Code Reviews.
- Ability to prepare professional technical reports including vulnerability descriptions, impact analysis, and remediation recommendations.
- Configuration Review & Hardening
- Review operating system configurations.
- Conduct Network Device Audits, including:
o Routers
o Switches
o Firewalls
- Review and assess encryption configurations (Encryption Assessment).
- Active Directory Security Assessment
- Identify Privilege Escalation Paths.
- Review Password Policies.
- Review Dormant Admin Accounts and unmanaged privileged accounts.
- Review Domain Trusts.
- Segmentation & Lateral Movement Testing
- Assume Breach Scenario.
- API Security Testing
- Assess vulnerabilities based on the OWASP API Top 10.
- Verify authorization controls, including Broken Object Level Authorization (BOLA).
- Container & Cloud Security
- Review Identity and Access Management (IAM) permissions in cloud environments to ensure compliance with the Principle of Least Privilege.
- Conduct a comprehensive security assessment of cloud environments.
- Phishing Campaign Execution
- Conduct phishing simulation campaigns.
- Comply with all cybersecurity policies and procedures approved by the Authority.
- Ability to work effectively within a team and coordinate with various technical teams.
- The total required service effort is 4,160 hours, covering all services.
Similar jobs
Senior Safety Engineer - Saudi National
Parsons
Riyadh, Saudi Arabia
7 days ago
Security Engineer, Specialist
Adree
Riyadh, Saudi Arabia
7 days ago
Domain consultant Strata Saudi Arabia (KSA)
Palo Alto Networks
Riyadh, Saudi Arabia
7 days ago
Cybersecurity Sales Specialist
Virtu Thinko
Al Khobar, Saudi Arabia
7 days ago
Cybersecurity Engineer
Air Products
Tabuk, Saudi Arabia
7 days ago
© 2026 Qureos. All rights reserved.