Threat Management Specialist

As Lendo continues to grow, we’re looking for a proactive and analytical Threat Management Specialist to strengthen our cybersecurity defenses. In this role, you’ll be responsible for identifying and mitigating vulnerabilities before they can be exploited, conducting penetration testing, and managing vulnerability remediation across systems and applications.

You’ll collaborate closely with engineering and security teams to perform secure code reviews, integrate threat intelligence into decision-making, and ensure weaknesses are tracked and resolved in a timely manner. By anticipating emerging risks and driving remediation efforts, you’ll play a key role in reducing the likelihood of successful cyberattacks and protecting Lendo’s operations, customers, and data.

Key Responsibilities:

• Conduct penetration tests on applications, systems, and networks to identify exploitable weaknesses.

• Perform regular vulnerability scans, prioritize findings based on risk and business impact, and drive remediation efforts.

• Maintain ownership of identified issues, ensuring they are properly tracked and resolved within defined timelines.

• Perform static and dynamic application security testing (SAST/DAST) to detect flaws early in the development lifecycle.

• Collect, analyze, and operationalize threat intelligence to anticipate, monitor, and respond to emerging attack techniques.

• Partner with developers, system administrators, and business teams to implement fixes and improve overall security practices.

• Contribute to the continuous improvement of threat detection, vulnerability management, and secure development processes.

• Share findings with the Security Operations Center and Incident Response teams to correlate vulnerabilities with real-world attacks.

• Support reviews of vendors and partners for vulnerabilities or insecure practices.

• Provide regular reports and dashboards on vulnerabilities, remediation progress, and overall risk posture for leadership.

Qualifications:

• Bachelor’s degree in computer science, Cybersecurity, Information Systems, or related field (or equivalent hands-on experience).

• 2-3 years of experience in penetration testing, vulnerability management, or application security.

• Strong knowledge of common vulnerabilities (e.g., OWASP Top 10, SANS Top 25) and exploitation techniques.

• Hands-on experience with vulnerability scanning tools (e.g., Qualys, Tenable, Rapid7) and penetration testing frameworks (e.g., Metasploit, Burp Suite).

• Familiarity with secure coding practices and ability to perform code reviews/

• Understanding of threat intelligence platforms, MITRE ATT&CK framework, and emerging attacker tactics.

• Preferred certifications: OSCP or similar.

• Excellent proficiency in both English and Arabic (written and verbal), with the ability to produce clear reports and communicate effectively across diverse teams.