Job Description

Nair Systems

Free placement

Senior Offensive Security Consultant - Banking

Job id: 593834

14 Sep 2025

Job Location

Doha, Qatar

Experience

6 to 14 years

Qualification Level

Graduate; Engineering Graduates/PG; MBA / Management Post Graduates

Job Function

IT - Software

Skillset

Offensive Security

Preferred Jobseekers

Jobseekers from any country

Nair Systems is currently looking for a Senior Offensive Security Consultant for our Qatar operations, under the following terms and conditions.

Required Qualifications and Experience:
• University graduate in a Computer Science subject.
• Strong understanding of offensive security concepts and frameworks, including MITRE ATT&CK, vulnerability exploitation, DevSecOps and OWASP Top Ten projects.
• Experience managing or integrating SAST, DAST, attack simulation, and container security tools into CI/CD platforms (e.g., Jenkins, GitLab CI, Azure DevOps).
• Awareness of current breach and attack simulation platforms and AI-driven CI/CD pen testing solutions and their use cases (e.g., Cytix, SafeBreach, AttackIQ, Cymulate).
• Strong knowledge of container and Kubernetes security.
• Ability to work independently and manage multiple priorities in a fast-paced environment.
• Excellent verbal and written communication skills.
• Proven work experience in the UK, US, or Europe.

Key Responsibilities:
Security Tool Management & Integration
• Own the deployment, configuration, and maintenance of:
o Static Application Security Testing (SAST) tools
o Dynamic Application Security Testing (DAST) tools
o Breach and Attack Simulation (BAS) tools
o Container Security Solutions (e.g., image scanning, runtime protection)
• Integrate security tools into CI/CD pipelines to enable automated and continuous security validation.
• Monitor tool performance, ensure scalability, and optimize configurations for accuracy and efficiency.

Security Strategy & Enablement
• Provide strategic guidance on offensive security practices including:
o Vulnerability identification
o Exploitation techniques
• Support red team and penetration testing efforts by enabling tooling and providing technical insights.
• Collaborate with development, DevOps, and cloud teams to embed security early in the SDLC.

Container & Cloud Security
• Evaluate and enhance the security posture of containerized environments (e.g., Docker, Kubernetes).
• Implement container image scanning, runtime protection, and orchestration security best practices.
• Work with cloud-native security tools and configurations across AWS, Azure, or GCP.

Autonomous Execution & Ownership
• Take full ownership of assigned projects and deliverables with minimal supervision.
• Proactively identify gaps in security tooling, processes, or coverage and propose solutions.
• Maintain documentation, dashboards, and reporting mechanisms for tool usage and effectiveness.

Communication & Collaboration
• Translate technical findings into clear, actionable insights for both technical and non-technical stakeholders.
• Present risk assessments, tool evaluations, and remediation strategies to leadership.
• Mentor junior team members and contribute to internal knowledge sharing and training initiatives.

Preferred Qualifications and Experience:
• Certifications such as OSCP, CRTO, OSCE, or equivalent.
• Experience streamlining SDLC processes and workflows using AI techniques and approaches.
• Experience with cloud platforms (AWS, Azure, GCP) and their native security services.

Framework & Boundaries:
• Group’s overall strategic plan.
• Applicable policies and procedures.
• Delegated authorities as per the delegation of authority structure.
• Instructions of the Head of Cyber Risk Assessments and Group Chief Information Security Officer.

Joining time frame: 2 weeks (maximum 1 month)

Should you be interested in this opportunity, please send your latest resume in MS Word format at the earliest.
