Senior Information Security Consultant Job, Riyadh, SecurEyes - MIHNATI.COM


Job Description


About SecurEyes - SecurEyes is a pure-play information security consulting firm which started in 2005, with global offices and presence in India, UAE, Oman, KSA and USA. It specializes in Risk Assessment, GRC Consulting, Information Security Training and on-demand information security consulting. Our clients include large Government Organizations, Banks & Financial Services Institutions, International Airlines, Large Trading Houses and Public sector companies across the globe. We are technically focused, with passion, integrity and a strong belief in providing world-class services to our clients to create a difference in their information security environment.

Job Title – Associate Information Security Consultant/ Information Security Consultant

Job Location – Riyadh, Saudi Arabia.

Experience – 5 to 8 years

CTC – As per Industry Standard

Certification – OSCP (Mandatory), CEH, ECSA etc. 

Job Description

·         Managing portfolio of Information Security Assessment consultancy specifically for Application security domain for clients across the globe.

·         Demonstrating technical leadership in being up to date with latest trends and best practices associated with Application Security and ensuring dissemination of such information with the team.

·         Establish and maintain effective communication with key clients/customers and stakeholders for both new as well as existing projects

·         Building and managing a team of Consultants

·         Strong knowledge of the OWASP, SANS Top 25 and WASC security standards, and detailed knowledge of common web application attack vectors such as SQL injection, CSRF, XSS, session management issues, direct object reference, clickjacking, buffer overflows, etc.

·         Experience in performing application (web application, mobile application, thick client applications) security testing using manual techniques

·         Experience in configuration review of OS, DB & network devices

·         Experience in VA/PT of networks, servers, devices etc.

·         Experience in manual application penetration testing of thick client applications, mobile

·         Experience performing manual mobile application penetration testing on platforms such as Android, iOS, etc.

·         Knowledge of risk rating standards such as DREAD, CVSS, etc.

·         Good understanding of web application architecture and the secure development life cycle (SDLC).

·         Experience in threat modelling and risk analysis.

·         Understanding of software development methodologies such as waterfall, Rational Unified Process and Agile software development.

·         Experience with automated web application vulnerability scanners (e.g., AppScan, WebInspect, Acunetix, Burp Suite Pro, etc.) is desirable.

·         Communicate with customer teams to explain and demonstrate vulnerabilities to application/system owners, and assist with the mitigation of the identified vulnerabilities.

·         Researching the latest security best practices, staying abreast of new threats and vulnerabilities and helping to disseminate this information within the group as well as the organization.

·         Conceive of and implement technical and process improvements.

Skills required/Expertise

·         5+ years of proven experience in application security domain

·         Candidate should complete OSCP Certification

·         A Bachelor's or Master's degree (B.E./B.Tech/M.Tech/M.S.).

·         Proficient in written and oral English communication skills.

·         Expertise in web application security testing.

·         Expertise in mobile application security testing.

·         Strong organizational, team-work, multi-tasking and time-management skills.

·         Ability to drive the consultant team.





CEH, Application Security, OSCP, ECSA, Web Application Security

Job Details

Functional Area:
Total Positions: 1 Post
Job Shift: First Shift (Day)
Job Type: Full Time/Permanent
Job Location:
Minimum Education:
Career Level: Experienced Professional
5 Years - 12 Years
Require Travel: Not Required
Apply Before: Jul 22, 2017
Posting Date: Jun 23, 2017


Information Technology · 11-50 employees - Riyadh

