Embedded Offensive Security Engineer📣 Job Ad
| Contract Type | Full-time | |
| Workplace type | On-site | |
| Location | Riyadh |
Job Description
About Qantra and the Role
Qantra is seeking an Embedded Offensive Security Engineer to join its team in Riyadh, Saudi Arabia. This full-time position focuses on managing and enhancing offensive security platforms within client environments, combining deep technical expertise with practical remediation capabilities.
Role Purpose and Scope
The Embedded Offensive Security Engineer will serve as the primary technical resource responsible for the day-to-day operation, tuning, and ongoing stabilization of attack simulation and External Attack Surface Management (EASM) platforms deployed within client environments. This role requires deep offensive security expertise combined with strong systems administration and hands-on remediation capabilities. The individual will act as a technical bridge between vendor platforms, the client's internal cybersecurity team, and cross-functional stakeholders including IT, infrastructure, DevOps, and application owners.
Key Responsibilities
- Operate, monitor, and triage alerts from EASM and automated penetration testing platforms daily.
- Schedule and execute approved internal attack simulations, including identity/Active Directory attack-path testing, lateral movement, and network segmentation validation.
- Maintain full audit logs of simulation activity, generated artifacts, and system access in line with client governance requirements.
- Conduct retesting and regression validation post-remediation, producing formal closure evidence for findings.
- Coordinate with IT, DevOps, infrastructure, and application owners to drive timely remediation of identified vulnerabilities and misconfigurations.
- Work directly with system and service owners to implement patches, configuration changes, and security hardening measures.
- Troubleshoot and resolve asset discovery, attribution, and coverage gaps impacting platform visibility or assessment accuracy.
- Manage and continuously refine the EASM platform, including onboarding approved asset inventories.
- Monitor and profile externally exposed assets, identifying unknown, orphaned, and shadow IT assets.
- Conduct manual threat modeling and attack-path analysis for critical and high-risk business systems.
- Map executed attack scenarios to recognized adversary frameworks like MITRE ATT&CK, with end-to-end attack-chain documentation.
- Translate technical findings into clear, business-focused risk narratives for senior leadership and executive management.
- Produce and present regular reports on platform status, risk posture, open findings, and remediation progress.
- Develop and maintain fully documented operational runbooks for all platform capabilities.
- Deliver structured knowledge transfer sessions to the client's internal Cyber Security team.
Essential Qualifications and Experience
- Minimum 4-6 years of hands-on offensive security experience, including penetration testing, red team operations, or attack simulation roles.
- Demonstrable experience deploying, operating, and troubleshooting enterprise-grade attack simulation or automated penetration testing platforms (*, Cymulate, Pentera, ********, AttackIQ, or equivalent).
- Strong background in systems administration: Windows Server, Active Directory, Linux, and enterprise networking.
- Hands-on experience with identity and AD attack-path techniques: credential access, privilege escalation, lateral movement, Kerberoasting, Pass-the-Hash, and equivalent.
- Practical knowledge of network segmentation testing, EDR evasion validation, and SIEM detection logic.
- Experience with External Attack Surface Management platforms and asset discovery methodologies.
- Ability to produce clear, executive-level risk reporting from complex technical findings.
- Current CREST certification (CRT, CCT, or equivalent) OR OSCP, GPEN, GXPN, or equivalent offensive security qualification.
- Willingness and ability to work on-site in Riyadh, KSA, five days per week.
Desirable Skills and Background
- Prior experience in a vendor-embedded or client-site secondment model.
- Familiarity with GCC or KSA enterprise environments, regulatory expectations (NCA ECC, SAMA CSF), and data sovereignty requirements.
- Experience with large-scale enterprise environments in sectors such as FMCG, food production, logistics, or critical national infrastructure.
- Knowledge of MITRE ATT&CK, TIBER-EU, or CBEST red team frameworks.
- Experience with integration of security platforms into CMDB, SIEM (*, Splunk, Microsoft Sentinel), EDR (*, CrowdStrike, Microsoft Defender), and ITSM (*, ServiceNow).
Work Location and Commitment
This is a full-time position based on-site in Riyadh, Saudi Arabia, requiring attendance five days per week. The role involves working directly within client environments, collaborating with various internal and external teams to enhance cybersecurity posture.
Requirements
- Requires 5-10 Years experience
Similar Jobs
You may also like
- Related Embedded Offensive Security Engineer Opportunities
- Sales Representative Jobs in Al Khobar
- Purchasing Manager Jobs in Al Khobar
- Graphic Designer Jobs in Al Khobar
- Host Jobs in Al Khobar
- Barista Jobs in Al Khobar
- Other Job Fields in Riyadh
- Sales Representative Jobs in Riyadh
- Purchasing Manager Jobs in Riyadh
- Graphic Designer Jobs in Riyadh
- Beauty Salon Manager Jobs in Riyadh
- Cashier Jobs in Riyadh
- Call Center Agent Jobs in Riyadh
- Host Jobs in Riyadh
- Operations Officer Jobs in Riyadh
- Barista Jobs in Riyadh
- HVAC Engineer Jobs in Riyadh
- Explore Jobs Across Saudi Arabia
- Cleaning worker Jobs in Abu Arish
- Network Engineer Jobs in Al Khobar
- Digital Marketing Specialist Jobs in Jeddah
- Quality Control Engineer Jobs in Nifi
- Human Resources Specialist Jobs in Riyadh
- Data Entry Agent Jobs in Al Hafuf
- Seller Jobs in Al Mubarraz
- Graphic Designer Jobs in Jeddah
- Fast food maker Jobs in Jeddah
- Seller Jobs in Hail
