Description: |
Nair Systems is currently looking for a Senior Offensive Security Consultant for our Qatar operations with the following terms & conditions.
Required Qualifications and Experience:
University graduate in a Computer Science subject
Strong understanding of offensive security concepts and frameworks, including MITRE ATT&CK, vulnerability exploitation, DevSecOps and OWASP Top Ten projects.
Experience managing or integrating SAST, DAST, attack simulation, and container security tools into CI/CD platforms (e.g., Jenkins, GitLab CI, Azure DevOps)
Awareness of current breach and attack simulation platforms and AI-driven CI/CD pen testing solutions and their use cases (e.g., Cytix, SafeBreach, AttackIQ, Cymulate).
Strong knowledge of container and Kubernetes security
Ability to work independently and manage multiple priorities in a fast-paced environment.
Excellent verbal and written communication skills.
Proven work experience in the UK, US, or Europe
Key Responsibilities:
Security Tool Management & Integration
Own the deployment, configuration, and maintenance of:
Static Application Security Testing (SAST) tools
Dynamic Application Security Testing (DAST) tools
Breach and Attack Simulation (BAS) tools
Container Security Solutions (e.g., image scanning, runtime protection)
Integrate security tools into CI/CD pipelines to enable automated and continuous security validation.
Monitor tool performance, ensure scalability, and optimize configurations for accuracy and efficiency.
Security Strategy & Enablement
Provide strategic guidance on offensive security practices including:
o Vulnerability identification
o Exploitation techniques
Support red team and penetration testing efforts by enabling tooling and providing technical insights.
Collaborate with development, DevOps, and cloud teams to embed security early in the SDLC.
Container & Cloud Security
Evaluate and enhance the security posture of containerized environments (e.g., Docker, Kubernetes).
Implement container image scanning, runtime protection, and orchestration security best practices.
Work with cloud-native security tools and configurations across AWS, Azure, or GCP.
Autonomous Execution & Ownership
Take full ownership of assigned projects and deliverables with minimal supervision.
Proactively identify gaps in security tooling, processes, or coverage and propose solutions.
Maintain documentation, dashboards, and reporting mechanisms for tool usage and effectiveness.
Communication & Collaboration
Translate technical findings into clear, actionable insights for both technical and non-technical stakeholders.
Present risk assessments, tool evaluations, and remediation strategies to leadership.
Mentor junior team members and contribute to internal knowledge sharing and training initiatives.
Preferred Qualifications and Experience:
Certifications such as OSCP, CRTO, OSCE, or equivalent.
Experience in streamlining SDLC processes and workflows using AI techniques and approaches
Experience with cloud platforms (AWS, Azure, GCP) and their native security services.
Framework & Boundaries:
Group's overall strategic plan.
Applicable policies and procedures.
Delegated authorities as per the delegation of authority structure.
Instructions of the Head of Cyber Risk Assessments and Group Chief Information Security Officer
Joining time frame: 2 weeks (maximum 1 month)
Should you be interested in this opportunity, please send your latest resume in MS Word format at the earliest to nishanthini.suda[at]nairsystems.com