Senior Penetration Tester(Arabic Speaker)

• Perform penetration testing and vulnerability research on complex proprietary software, hardware, and client service environments.
• Identify and assess vulnerabilities in systems and applications using manual and automated testing methods, including the discovery and exploitation of code flaws,
  
  

misconfigurations, and insecure components.

• Build, maintain, and support Red Team testing infrastructure and simulation capabilities.
• Build, maintain, and operate Red Team infrastructure to support advanced testing and simulation activities.
• Support the enhancement of vulnerability assessment practices, penetration testing procedures, secure development practices, and automation initiatives.
• Contribute to uplifting the security posture of government digital services through advanced testing techniques, knowledge transfer, and continuous improvement
  
  

initiatives.

• Monitor and keep cybersecurity knowledge current by tracking the latest security threats, vulnerabilities, and attack trends.
• Prepare and deliver clear, comprehensive penetration testing and vulnerability assessment reports, including findings, risk impact, technical evidence, and remediation
  
  

recommendations.

• Provide technical advisory support to teams to assist in remediation and risk-mitigation activities.
• Develop and deliver internal training materials and knowledge-transfer sessions to upskill cybersecurity staff.
  
  

The Consultant Shall Provide, At Minimum, The Following Deliverables

• Penetration testing and vulnerability assessment reports
• Red Team testing outputs and technical artefacts (where applicable)
• Remediation and risk-mitigation recommendation reports
• Internal training and knowledge-transfer materials
• Periodic progress and activity status reports, as required
  
  

Technical Specification

Use Internationally Recognized Cybersecurity And Testing Frameworks Such As

ISO 27001, ISO 22301, NIST SP-800-53, NIST SP-800-115, MITRE ATT&CK, OWASP Testing Framework, PTES, OSSTMM.

• Apply structured and repeatable methodologies for:
• Penetration testing
• Vulnerability assessment and validation
• Security hardening and configuration review
• Use evidence-based assessment and reporting approaches supported by logs, screenshots, samples, or technical proof-of-concepts.