Cybersecurity Offensive Specialist
Who Are We
HALA is a leading fintech player in the MENAP region that aims to redefine financial services and build the future bank of SMEs. HALA aims at empowering SMEs to start, run, and grow their businesses by providing them with cutting-edge financial and technological tools.
HALA currently holds multiple entities in UAE, Saudi Arabia and Egypt (including HALA Payments and HALA Logistics) and offers solutions that enable merchants to digitize their payments as well as manage their sales and operations.
Founded in 2017, HALA is currently licensed by the Saudi Arabian Central Bank.
Role Summary
The Cybersecurity Offense Specialist is primarily responsible for executing the organization's offensive security assessments by conducting advanced penetration tests to simulate realistic cyberattacks and proactively identify and exploit security vulnerabilities across systems, networks, and applications. Critically, this role involves deeply documenting and communicating these findings and attack pathways to both technical and executive audiences with clear, actionable recommendations, and collaborating with defensive security teams to test, validate, and enhance the organization's overall detection and response capabilities against sophisticated, real-world threats.
Key Responsibilities
- Execute HALA's offensive security assessments (red teaming, adversary simulation, penetration testing) in alignment with SAMA CSF and NCA ECC requirements.
- Conduct controlled attack exercises on apps, cloud, APIs, and payment/merchant platforms to validate real-world exploitability.
- Execute advanced penetration testing and source code reviews to identify deeply rooted vulnerabilities, and collaborate with Defense/SOC teams to validate and improve detections against these specific attack vectors.
- Maintain and utilize offensive tooling and lab environments; strictly adhere to rules of engagement to ensure safe testing with zero business disruption.
- Deliver clear, detailed remediation guidance to Product/Engineering teams and support the tracking and closure of critical findings.
- Ensure all assessment activities, evidence, and reporting align with SAMA CSF and NCA ECC control objectives and audit expectations.
Minimum Qualifications
- 3-5 years
- Required: At least one recognized offensive security certification: OSCP, CRTO, eCPPT or equivalent.
- Preferred (one or more): OSEP, OSWE, GXPN, GWAPT, GPEN, or CRTP/CRTE for advanced red team and adversary-simulation depth.
We believe you will love working at HALA!
- We have an inclusive and diverse culture that encourages innovation and flexibility in remote, in-office, and hybrid work setups.
- We offer highly competitive compensation packages, including the potential for shares.
- We prioritize personal development and offer regular training and an annual learning stipend to tackle new challenges and grow your career in a hyper-growth environment.
- Join a talented team of over 30 nationalities working in 7 countries and gain valuable experience in an exciting industry.
- We offer autonomy, mentoring, and challenging goals that create incredible opportunities for both you and the company.
- You will be given a lot of responsibility and trust. We believe that the best results come when the people responsible for a function are given the freedom to do what they think is best.
Create a Job Alert
Interested in building your career at HALA? Get future opportunities sent straight to your email.
Apply for this job
*
indicates a required field
.png?1732004734)