Vulnerability Assessment and Penetration Testing

4 weeks ago

Islamabad, Islamabad, Pakistan Lendo Full time

We are seeking a hands-on and detail-oriented Vulnerability Assessment and Penetration Testing (VAPT) Specialist to lead our offensive security efforts through penetration testing and vulnerability assessments across web applications, networks, and mobile apps.

The primary responsibility of this role is to identify and validate security weaknesses through structured offensive testing, manage and interpret vulnerability scan data (e.g., Qualys), and coordinate remediation with internal teams. The role will also support our broader threat management function by staying aware of emerging threats and vulnerabilities that may impact our systems.

This is a great opportunity to join a fast-paced, security-focused FinTech organization operating under regulatory frameworks such as SAMA CSF and PDPL.

Penetration Testing

  1. Plan, execute, and document penetration tests on web applications, APIs, mobile apps, and networks.

  2. Perform manual and automated testing to uncover real-world security weaknesses (OWASP Top 10, Mobile Top 10, etc.).

  3. Deliver detailed reports with impact analysis, reproduction steps, and mitigation recommendations.

Vulnerability Management

  1. Conduct vulnerability scans using Qualys (or similar tools) on a scheduled and ad-hoc basis.

  2. Analyze and prioritize findings based on risk, business impact, and exploitability.

  3. Collaborate with IT, DevOps, and Engineering teams to ensure timely and effective remediation.

  4. Maintain metrics and dashboards to track remediation progress and vulnerability trends.

Threat Monitoring & Risk Awareness

  1. Stay up to date with zero-day vulnerabilities, CVEs, and emerging threats.

  2. Assess organizational exposure to global threat intelligence and advise relevant teams when needed.

  3. Work alongside the SOC team or MSSP to support incident investigation or escalation when testing reveals high-risk scenarios.

Collaboration & Governance

  1. Coordinate with internal teams to ensure timely patching and resolution of vulnerabilities.

  2. Provide advisory support during new infrastructure deployments or application launches.

  3. Contribute to compliance initiatives aligned with SAMA CSF, PDPL, and NCA frameworks.

Qualifications and Skills:

Required Education & Experience:

  1. Bachelor's degree in Cybersecurity, Information Security, Computer Science, or a related field.

  2. Minimum 7 years of hands-on experience in penetration testing and vulnerability management.

  3. Demonstrated experience with tools such as (but not limited to): Burp Suite, Qualys, Nessus, Nmap, MobSF, Frida, Metasploit, Wireshark, etc.

Skills & Knowledge:

  1. Deep understanding of OWASP Top 10, and secure coding flaws.

  2. Strong grasp of network architecture, web protocols, mobile platforms, and cloud environments.

  3. Familiarity with SAMA CSF, PDPL, or similar regulatory/compliance frameworks is a must.

  4. Understanding of threat modeling and attacker TTPs (MITRE ATT&CK) is a plus.

Education and Certifications:

  1. Practical certifications such as (OSCP / OSWE / CRTO / OSCE … etc.)

  2. Bonus: Any cloud security or mobile testing certifications

Personal Attributes:

  1. Excellent verbal and written communication skills in English and Arabic.

  2. Ability to convey technical findings to non-technical stakeholders.

  3. Strong analytical mindset and attention to detail.

  4. Proactive, collaborative, and passionate about continuous learning and security excellence.

#J-18808-Ljbffr

  • Penetration Testing Specialist

    12 hours ago

    Islamabad, Islamabad, Pakistan beBee Careers Full time

    About the RoleWe require a seasoned PEN Tester - Crest Registered (CRT) with a strong background in offensive security techniques to conduct advanced security assessments and penetration testing activities across various platforms.Key Responsibilities:Conduct penetration tests against web applications, networks, infrastructure, and databasesIdentify and...

  • Vulnerability Expert

    2 weeks ago

    Islamabad, Islamabad, Pakistan beBee Careers Full time

    We are seeking a skilled Vulnerability Expert to lead our offensive security efforts through penetration testing and vulnerability assessments across web applications, networks, and mobile apps. The primary responsibility of this role is to identify and validate security weaknesses through structured offensive testing, manage and interpret vulnerability scan...

  • Security Assessment Professional

    12 hours ago

    Islamabad, Islamabad, Pakistan beBee Careers Full time

    Cybersecurity OpportunityWe seek a qualified Penetration Testing Specialist to join our cybersecurity team. The ideal candidate will have a deep understanding of security techniques and experience in conducting penetration tests across various platforms.Key Tasks:Design, execute, and report on penetration testsIdentify and evaluate security vulnerabilities...

  • Penetration Tester

    1 day ago

    Islamabad, Islamabad, Pakistan Translation Empire PK Full time

    About the Job:Translation Empire is seeking a PEN Tester - Crest Registered (CRT) to join our cybersecurity team. The ideal candidate will be responsible for conducting advanced security assessments and penetration testing activities across networks, applications, cloud infrastructure, and mobile platforms. This role requires a deep understanding of...

  • Penetration Testing Specialist

    2 weeks ago

    Islamabad, Islamabad, Pakistan beBee Careers Full time

    The ideal candidate for this Penetration Testing Specialist position will have strong analytical skills, attention to detail, and excellent verbal and written communication skills in English and Arabic. The successful candidate will be able to convey technical findings to non-technical stakeholders and work collaboratively with internal teams to ensure...

  • Penetration Tester

    6 days ago

    Islamabad, Islamabad, Pakistan beBee Careers Full time

    Job RequirementsWe are looking for a highly skilled Cybersecurity Consultant to join our team. As a DevSecOps expert, you will be responsible for ensuring the security of our cloud infrastructure and applications.You will work closely with our development teams to integrate security into the software development lifecycle, using tools such as SonarQube,...

  • Security Assessment Professional

    2 weeks ago

    Islamabad, Islamabad, Pakistan beBee Careers Full time

    This Security Assessment Professional role requires a strong background in penetration testing, vulnerability management, and threat monitoring. The successful candidate will be responsible for identifying and validating security weaknesses through structured offensive testing, managing and interpreting vulnerability scan data, and coordinating remediation...

  • Cybersecurity Professional for Vulnerability Detection and Mitigation

    1 week ago

    Islamabad, Islamabad, Pakistan beBee Careers Full time

    Job DescriptionWe are seeking a highly skilled Cybersecurity Professional to lead our efforts in detecting and mitigating vulnerabilities in web applications, networks, and mobile apps.This is a great opportunity to work with a fast-paced, security-focused organization operating under regulatory frameworks.Key Responsibilities:Plan, execute, and document...

  • DevOps and Penetration Testing Expert

    4 days ago

    Islamabad, Islamabad, Pakistan beBee Careers Full time

    Skill Requirements:Expertise in DevSecOps/AppSec approaches and practicesKnowledge of analysis tools (SAST, SCA, DAST) and integration into CI/CD pipelinesExperience with automating security testing and vulnerability management processesImplementing security tools in Hybrid Cloud Environment (Kubernetes clusters)Familiarity with Cloud Service, Deployment and...

  • IT Security Expert L1/L2

    7 days ago

    Islamabad, Islamabad, Pakistan beBee Careers Full time

    Job DescriptionWe are seeking an IT Security Expert L1/L2 to join our team. The successful candidate will be responsible for performing penetration testing, identifying vulnerabilities, and implementing security measures to protect systems and information infrastructure.The ideal candidate will have a strong background in information security and experience...