Offensive Security Engineer

Paratus Cybersecurity • Full-time • أبو ظبي, AE • 2m ago

Offensive Security Engineer – iOS/Android & Web

Location: Abu Dhabi

Experience: 6–10 years | Employment Type: Full-time

About the Role

We are seeking an experienced Offensive Security Engineer with deep expertise in mobile (iOS/Android) and web application security. In this role, you will perform advanced penetration testing, bypass modern security defenses (SSL pinning, root/jailbreak detection, WAFs), and deliver impactful findings simulatingreal-world threats.

Key Responsibilities

Perform advanced mobile application security testing (iOS & Android) including jailbreak/root detection bypass and SSL/TLS pinning bypass.
Conduct web application & API penetration tests covering OWASP Top 10, WebSQL/SQL injection, and authentication/authorization flaws.
Assess applications deployed behind WAFs/load balancers) and design safe bypass strategies.
Develop custom scripts and automation (Python, JavaScript/Frida, etc.) for safe data extraction and exploit validation.
Reverse engineer binaries (APK/IPA) to analyze protections and discover vulnerabilities.
Execute adversary emulation exercises mapped to MITRE ATT&CK.
Deliver technical reports and executive summaries, providing remediation guidance and supporting re-testing.

Required Skills & Experience

6–10 years of experience in offensive security, penetration testing, or red teaming.
Strong expertise in mobile security (iOS & Android), including Frida, Objection, LSPosed/Xposed, Magisk, jailbreak/root bypass tools.
Proficiency in web application security testing (OWASP Top 10, APIs, injection flaws, authentication).
Hands-on with tools like Burp Suite, adb/emulators, reverse engineering frameworks (apktool, JADX, IDA/Ghidra/Hopper).
Programming/scripting experience in Python, JavaScript, Java, Swift, Kotlin, C#, or Go.
Solid understanding of network protocols, encryption, and bypass techniques.

Preferred Certifications