We are seeking a skilled Penetration Tester with strong experience in CI/CD pipeline security to identify, assess, and mitigate security vulnerabilities across applications, infrastructure, and automated deployment environments. The role focuses on proactive security testing, secure DevOps practices, and strengthening systems against evolving threats.
Conduct penetration testing on web applications, APIs, networks, and cloud environments.
Perform security assessments of CI/CD pipelines, including build, test, and deployment workflows.
Identify vulnerabilities related to source code repositories, automation tools, container images, and secrets management
Test authentication, authorization, session management, and access controls.
Assess API security, including token handling, rate limiting, and authorization flaws.
Execute static (SAST), dynamic (DAST), and dependency security testing within CI/CD processes.
Validate security of containerized environments (Docker, Kubernetes).
Simulate real-world attack scenarios and document findings with clear remediation guidance.
Collaborate with development and DevOps teams to implement secure-by-design practices.
Support incident response investigations and post-incident analysis when required.
2+ years of experience in penetration testing, application security, or ethical hacking
Strong understanding of CI/CD pipelines and DevSecOps methodologies.
Hands-on experience securing tools such as GitHub Actions, GitLab CI, Jenkins, Azure DevOps, or similar
Proficiency in web and API security testing (OWASP Top 10, OWASP API Top 10).
Experience with authentication mechanisms (JWT, OAuth2, SSO).
Knowledge of common vulnerabilities: SQLi, XSS, CSRF, SSRF, IDOR, RCE, misconfigurations.
Familiarity with Linux environments, networking concepts, and cloud security fundamentals.
Penetration testing tools: Burp Suite, Metasploit, Nmap, OWASP ZAP, Nikto
CI/CD security tools: Snyk, Trivy, SonarQube, Dependabot, GitGuardian
Container and cloud security tools (experience preferred).
Scripting knowledge in Python, Bash, or PowerShell is an advantage.
Welcome to Antons, where expertise meets innovation in the realm of talent solutions. Born from a shared vision of industry veterans, our agency is the collective ambition of former colleagues who have united to transform the talent acquisition landscape in UAE.
At Antons, we bring together a wealth of experience in talent acquisition, psychology, onboarding, performance management, and employee relations. Our team of onboarding specialists and seasoned professionals is dedicated to leveraging our collective expertise to streamline the recruitment process for our clients.
Our journey began as a convergence of paths, each of us bringing our unique insights and proven strategies from years of industry practice. Together, we are committed to providing bespoke people solutions that not only meet the needs of our prospects but also exceed their expectations.
In the heart of Dubai, a city known for its dynamic business environment, we understand the importance of finding the right talent that aligns with the cultural and professional ethos of a company. That’s why at Antons, we don’t just recruit - we analyze, we match, and we ensure that the professionals we connect with our clients are poised for long-term success and satisfaction. Join us at Antons as we redefine recruitment, one successful placement at a time.
