Overview
Cybersecurity VAPT Specialist Jobs in Riyadh, Riyadh, Saudi Arabia at CodeNinja Inc.
Title: Cybersecurity VAPT Specialist
Company: CodeNinja Inc.
Location: Riyadh, Riyadh, Saudi Arabia
Job Overview
We are seeking a highly skilled Vulnerability Assessment & Penetration Testing (VAPT) Specialist to join our cybersecurity team in Riyadh, Saudi Arabia. The ideal candidate will have 3+ years of hands-on experience in performing penetration testing, security assessments, and exploit development across web applications, networks, cloud environments, and enterprise systems.
As part of the offensive security team, you will play a critical role in identifying, analyzing, and mitigating security vulnerabilities in our IT infrastructure. You will also be responsible for ensuring compliance with SAMA, NCA, ISO 27001, and other regulatory standards.
If you are passionate about ethical hacking, security research, and helping organizations improve their cyber resilience, this role is for you!
Key Responsibilities
Conduct Vulnerability Assessments & Penetration Testing (VAPT) on:
Web applications, APIs, and mobile applications
Network infrastructure (internal/external)
Cloud environments (AWS, Azure, GCP)
Active Directory & Privileged Access Systems
Simulate real-world cyber threats using red teaming techniques and adversary emulation (MITRE ATT&CK-based)
Analyze and exploit vulnerabilities to demonstrate business impact and security risks
Develop proof-of-concept (PoC) exploits for identified vulnerabilities
Generate detailed security assessment reports with actionable recommendations for remediation
Ensure compliance with SAMA, NCA, ISO 27001, and PCI DSS cybersecurity frameworks
Collaborate with blue teams and security engineers to improve detection and response strategies
Stay updated on the latest cybersecurity threats, zero-day vulnerabilities, and hacking techniques
Requirements
Qualifications & Skills Required
3+ years of hands-on experience in penetration testing & vulnerability assessments
Strong knowledge of penetration testing tools (Burp Suite, Metasploit, Nmap, Nessus, Kali Linux, etc.)
Familiarity with scripting and exploit development (Python, Bash, PowerShell)
Experience with Active Directory security, privilege escalation, and lateral movement techniques
Knowledge of cloud security assessments (AWS, Azure, GCP)
Ability to generate clear, professional security reports and communicate findings effectively
Understanding of compliance frameworks (SAMA, NCA, ISO 27001, PCI DSS)
OSCP certification is highly preferable; other relevant certifications (CEH, GPEN, CISSP) are a plus
Fluent in Arabic and English (written & spoken)
Preferred Certification:
OSCP (Offensive Security Certified Professional)
