Security Tester
DESCRIPTION:
About Us
KUALITATEM is a global Consulting, Audit, and Assurance company specializing in Software Quality Assurance, Information Security, Technology Process Optimization, and Cloud Infrastructure. As an ISO 9001:2015 and ISO 27001:2013 certified organization, we deliver excellence and measurable value to clients worldwide across banking, fintech, healthcare, telecom, and enterprise domains.
Role Summary
We are seeking an experienced Security Tester to join our team in KSA. The candidate will be responsible for conducting comprehensive security assessments across applications, networks, and source code, with a focus on the financial sector. The role requires hands-on expertise in penetration testing, API security, and compliance-driven testing frameworks.
Key Responsibilities
- Conduct network and application penetration testing engagements.
- Perform source code security reviews to identify vulnerabilities.
- Execute API security assessments and define API security requirements.
- Carry out security testing aligned with PCI DSS and PCI 3DS compliance requirements.
- Document and report findings with clear remediation recommendations.
- Coordinate with development and infrastructure teams on vulnerability remediation.
- Utilize industry-standard security testing tools to automate and enhance assessments.
- Stay current with emerging threats, attack vectors, and security best practices.
Required Experience
- Minimum 4 years of hands-on security testing experience within the KSA financial sector, preferably in banking.
- Proven experience in network penetration testing and web/mobile application penetration testing.
- Practical experience in source code security review.
- Solid understanding of API security requirements and testing methodologies.
- Familiarity with a range of security testing tools (e.g., Burp Suite, Nmap, Metasploit, OWASP ZAP, Nessus, or equivalent).
- Experience with PCI DSS security testing requirements.
- Experience with PCI 3DS security testing is a strong added advantage.
Required Certifications
Candidates must hold one or more of the following (or equivalent industry-recognized certifications):
- OSCP – Offensive Security Certified Professional
- CEH – Certified Ethical Hacker
- GPEN – GIAC Penetration Tester
- GWAPT – GIAC Web Application Penetration Tester
- CREST CRT (Registered Tester) / CCT (Certified Tester)
- CompTIA PenTest+
- Any other relevant security certification will be considered.
Technical Skills
- Network protocols, firewalls, IDS/IPS, and infrastructure security concepts.
- Web application vulnerabilities (OWASP Top 10) and secure coding practices.
- API architectures and the security standards used with them (REST, SOAP; OAuth, JWT).
- PCI DSS compliance framework and testing requirements.
- PCI 3DS compliance and testing (advantageous).
- Static and dynamic application security testing (SAST/DAST).
- Scripting or automation knowledge (Python, Bash, or similar) is an advantage.
Additional Requirements
- Must be based in or willing to work in KSA.
- Strong written and verbal communication skills in English; Arabic is an advantage.
- Ability to deliver clear and professional security assessment reports.
- High level of integrity and adherence to ethical standards in security testing.
Note: Only candidates meeting the minimum experience requirements in the KSA financial sector will be considered. Possession of PCI DSS and PCI 3DS-related experience will be given preference during shortlisting.
Riyadh