Key Responsibilities
As a senior security engineer at EhsanLab, you will:
- Lead and execute penetration testing for web applications, network infrastructure, mobile applications, and client systems.
- Perform vulnerability assessments and source code reviews using both manual and automated tools.
- Contribute to red team operations, including simulated attack scenarios, lateral movement, and social engineering, aligned with the MITRE ATT&CK framework.
- Translate complex findings into clear security reports for both technical and business stakeholders.
- Implement and monitor information security controls aligned with global and regional governance standards and compliance frameworks.
- Collaborate with IT, cybersecurity teams, and executive leadership to mitigate risks and improve resilience.
Required Qualifications
To qualify for this role, you should bring:
- 2–5 years of professional experience in cybersecurity with a strong focus on penetration testing and vulnerability assessment.
- A bachelor’s degree or higher in Computer Science, Cybersecurity, or Computer Engineering (or equivalent).
- Hands-on expertise in at least two of the following areas:
- Web application penetration testing
- Network penetration testing
- Red team exercises
- Mobile application security
- Secure code review
- Familiarity with global and regional governance frameworks (e.g., ISO 27001, NIST, GDPR, or equivalent).
- Recognized cybersecurity certifications such as OSCP, OSEP, eWPTX, GPEN, GXPN.
- Strong knowledge of VAPT tools (Burp Suite, Kali Linux, Metasploit, Nessus, Acunetix, etc.).
- Excellent problem-solving, analytical, and communication skills.
- Proficiency in English, both written and spoken.
What We Offer
At EhsanLab, we value expertise and innovation. You’ll enjoy:
- Competitive salary
- Medical & social insurance
- Flexible working hours
- Location: On-site
- Exposure to international and regulatory-driven projects
- A dynamic environment with top-tier security engineers & industry experts
