Offensive Security Engineer

This role supports Cybersecurity practices, with direct alignment to client-facing penetration testing services across the Middle East and global markets. The engineer will contribute to traditional and AI-enabled penetration testing offerings, including application, API, network, cloud, and emerging LLM testing. The role is delivery-focused, highly client-facing, and supports company's differentiated approach combining automation with senior manual expertise.Primary ResponsibilitiesDeliver web application, API, and mobile application penetration tests aligned to OWASP Top 10 and PTES.Conduct internal and external network penetration testing and cloud security assessments (Azure, Microsoft 365, AWS, GCP).Support companys’ AI-enabled penetration testing model, validating automated findings and performing deep manual exploitation.Perform LLM and GenAI security assessments as part of companys’ advanced offensive offerings.Produce executive-ready reports and lead client readouts with clear remediation guidance.Collaborate with vCISO, IR, and advisory teams to support broader client security programs.Success Metrics (First 90 Days)Independently deliver scoped penetration tests across at least two service lines (application, network, or cloud).Lead client debriefs and clearly articulate risk and remediation to technical and executive stakeholders.Demonstrate proficiency in company reporting standards and tooling.Contribute improvements to testing playbooks or automation workflows.Required Technical SkillsStrong application security testing experience (web, API, authentication flows).Proficiency with Burp Suite and API testing tools (Postman/Insomnia).Solid Linux expertise and comfort operating in mixed OS environments.Scripting capability in Python, Bash, or PowerShell.Understanding of network protocols, exploitation paths, and cloud attack surfaces.Nice-to-Have / Senior-Level CapabilitiesExperience with Red Team or Purple Team engagements.Familiarity with MITRE ATT&CK and modern detection tooling (EDR/XDR).Cloud penetration testing depth (Azure and Microsoft 365 strongly preferred).Prior consulting or client-facing security experience.Working Style & ValuesHigh integrity and discretion when handling sensitive client environments.Strong written communication and attention to detail.Comfortable operating autonomously while collaborating with a global team.Continuous learner with a passion for offensive security.Certifications (Optional)OSCP, OSWA, CRTO, PNPT, or equivalent offensive security certifications are valued but not required.#J-18808-Ljbffr