Hire the Best Penetration Testers
in the United Arab Emirates

More than 3,000 reviews on G2
Rating is 4.5 out of 5.
4.5/5
of Upwork by G2 peer reviewers
Eslam M.

Dubai, United Arab Emirates

$75/hr
5.0
96 jobs

๐Ÿ” Protecting Businesses Since 2009 โ€” Trusted by Microsoft, Yahoo, Facebook, Sony & More ๐Ÿ” With 15+ years of hands-on cybersecurity experience, I've responsibly disclosed critical vulnerabilities to some of the world's most recognized companies โ€” and been officially acknowledged by all of them. I don't just talk security; I've proven it at the highest level. What I do for you: Whether you're a startup or an enterprise, I help you find and fix your weaknesses before attackers do. My work spans penetration testing, ethical hacking, vulnerability assessments, malware removal, and secure development โ€” delivered with clear reports and actionable fixes. ๐ŸŒ Hall of Fame & Bug Reports: โœ” Microsoft โ€” Identified critical infrastructure vulnerabilities โœ” Facebook โ€” Contributed to platform security hardening โœ” Yahoo โ€” Reported security gaps in digital assets โœ” Sony โ€” Secured key systems against active threats โœ” AVG & Bitdefender โ€” Strengthened antivirus defenses ๐Ÿš€ Core Services: โœ” Web & Network Penetration Testing โœ” Vulnerability Assessment & Reporting โœ” Malware Detection & Removal โœ” Cloud & Mobile Application Security โœ” Red Team Exercises & Threat Hunting โœ” Incident Response & Forensic Analysis โœ” WordPress & CMS Security โœ” Secure Code Review & DevSecOps โœ” OSINT Investigations โœ” Security Awareness Training ๐Ÿ’ป Development Skills: Python | Golang | PHP | Java | C# | Bash | PowerShell [ CEH | OSCP | CompTIA Security+] ๐Ÿ”’ Your security is only as strong as the expert behind it. Let's talk โ€” send me a message or book a consultation call and let's start securing your systems today.

  • Penetration Testing
  • Ethical Hacking
  • Vulnerability Assessment
  • Web App Penetration Testing
  • Web Application Security
  • OWASP
  • Bug Bounty
  • Cloud Security
  • Incident Response Plan
  • Red Team Assessment
  • Kali Linux
  • WordPress
  • Linux System Administration
  • Virus Removal
  • Joomla
  • PHP
Khaled S.

Dubai, United Arab Emirates

$75/hr
5.0
11 jobs

I have Experience in Penetration Testing(Network, Web Application, Desktop, Mobile, IVR and webservice), performed lots of Security Implementations related to Security Solutions such as SIEM, Two Factor Authentication, Firewalls,...etc. in Egypt and Large banks in Qatar. . I have experience in PCI Audits , did lot's of gap assessments and pre-audits on many banks and payment gateway. Also I wrote multiple articles in big security magazines like Hakin9 in Europe and Security Kaizen in Middle East, I'm currently having two 0day vulnerability and listed in multiple hall of fames including Microsoft. I have multiple certifications like OSCP, OSEP, OSWE And OSCE Job Experience: โ€ข Running PCI-DSS Gap Assessments, Pre-Audits, Final Audits in big payment gateways and large ISP's in Egypt โ€ข Performing Internal / External Network Penetration testing for large bank, ISP & other clients. โ€ข Performing Internal / External Application Penetration Testing โ€œWeb / Desktopโ€ for large customers in Egypt and Qatar. โ€ข Performing advanced Penetration testing including Mobile,Web service, IOT and IVR PT in Egypt. โ€ข Supervising big Vulnerability Assessment projects in Egypt most required by PCI-DSS clients. โ€ข Performing large SIEM Solution implementations for ISPs, Banks, government sector & others in Egypt, Qatar โ€ข Implementing biggest Two Factor Authentication Solution implementation in the middle east. โ€ข Vulnerability Management Solutions for large customers in Egypt โ€ขEnd Point Protection implementation in large banks in Egypt โ€ข McAfee Next Generation FW deployments for large clients in Qatar. โ€ข McAfee Network Security Manager IPS deployments for large clients in Qatar. โ€ขDeploying Anti Fraud solutions at one of the biggest banks in Middle east. โ€ขDeploying Mobile Device Management solutions (Mobile Iron)at one of the biggest banks in Middle east. โ€ขOne of the consultants responsible for securing the 4G Network(IMS Core,HSS,...etc.) at one of the biggest Mobile operators in Egypt. โ€ขLeading a team of 3 Engineers to perform mentioned activities previously.

  • Penetration Testing
  • Information Security
  • Network Penetration Testing
  • Vulnerability Assessment
  • Web App Penetration Testing
  • Computer Network
  • Code Review
  • Python
  • PCI
Dr Mohamed A.

Dubai, United Arab Emirates

$120/hr
4.9
45 jobs

PhD-Level Cybersecurity Expert | vCISO | CISSP | CEH | CISM | CISA | PMP Trusted by organizations across the GCC, MENA, and global markets to build, audit, and scale cybersecurity programs that deliver measurable, board-level results. With 20+ years in cybersecurity leadership, I deliver expert-level services across the full security lifecycle โ€” from penetration testing and vulnerability assessments to ISO 27001 implementation, SOC 2 readiness, GRC consulting, and virtual CISO engagements. WHY CLIENTS CHOOSE ME: - PhD in Cybersecurity + 10+ active certifications: CISSP, CEH, CISM, CISA, PMP, CCNP, MCT, Security+, MCSE+Security, RHCE, Linux+, CEI, CCSI - Founder of InfoSec4TC โ€” trained 100,000+ students across 150+ countries - Author of 7 published cybersecurity books on Amazon (ISO 27001, Ethical Hacking, AI Security & more) - Authorized training partner: CompTIA, Amazon AWS, Mile2, and Microsoft - Creator of AI-powered platforms: CyberSecurity365 (CS365), CyberMentor App, DesiredAI - 14 best-selling online courses | 4.8/5 Trustpilot (138+ verified reviews) | 95% satisfaction rate - 5,000+ training hours delivered globally SERVICES I DELIVER: - Virtual CISO (vCISO) โ€” Strategic security leadership for growing organizations - Penetration Testing & Vulnerability Assessment (Web, Network, Cloud, OT/ICS/SCADA) - ISO 27001 / ISO 27017 / ISO 42001 โ€” Gap analysis, full implementation & audit readiness - SOC 2 Type I & II โ€” Readiness assessment and remediation - GRC โ€” Risk assessments, policy development, security frameworks - HIPAA, PCI DSS, CMMC, FedRAMP โ€” Compliance consulting and documentation - Cloud Security (AWS, Azure, GCP) โ€” Architecture review and hardening - OT/ICS/SCADA Security โ€” Industrial control systems risk and compliance - NCA ECC, NESA, SAMA, ISR โ€” UAE & GCC regional regulatory compliance - Security Awareness Training โ€” AI-powered, behavior-driven workforce programs - Digital Forensics & Incident Response (DFIR) - Security Policy & Procedure Development PUBLISHED BOOKS (Amazon): "Mastering ISO 27001:2022" | "Build a Cyber Security Career from Scratch" | "Mastering Cybersecurity with ChatGPT" | "Kali Linux for Ethical Hacking" | "Cyber Security Specialist: Step-by-Step Guide" | "The Complete Cybersecurity Handbook" Dubai-based | Available globally for remote & on-site engagements Fluent: English | Arabic | French Ready to secure what matters most to your business.

  • Penetration Testing
  • Information Security
  • Vulnerability Assessment
  • Cybersecurity Management
  • Governance, Risk & Compliance Software
  • ISO 27001
  • Risk Assessment
  • SOC 2
  • Security Policies & Procedures Documentation
  • Cloud Security
  • NIST Cybersecurity Framework
  • GDPR
  • Information Security Awareness
  • Information Security Audit
  • AI Governance
  • Threat Detection
  • HIPAA
  • CMMC
  • Technical Writing
  • Employee Training
Mirza H.

Dubai, United Arab Emirates

$39/hr
5.0
2 jobs

๐—ฃ๐—ฟ๐—ผ๐˜๐—ฒ๐—ฐ๐˜ ๐—ฌ๐—ผ๐˜‚๐—ฟ ๐—ช๐—ฒ๐—ฏ ๐—”๐—ฝ๐—ฝ๐—น๐—ถ๐—ฐ๐—ฎ๐˜๐—ถ๐—ผ๐—ป๐˜€, ๐—”๐—ฃ๐—œ๐˜€ ๐—ฎ๐—ป๐—ฑ ๐—œ๐—ป๐—ณ๐—ฟ๐—ฎ๐˜€๐˜๐—ฟ๐˜‚๐—ฐ๐˜๐˜‚๐—ฟ๐—ฒ ๐—ณ๐—ฟ๐—ผ๐—บ ๐—ฅ๐—ฒ๐—ฎ๐—น-๐—ช๐—ผ๐—ฟ๐—น๐—ฑ ๐—”๐˜๐˜๐—ฎ๐—ฐ๐—ธ๐˜€. I help organizations identify and eliminate critical security vulnerabilities through ๐—ฝ๐—ฟ๐—ฎ๐—ฐ๐˜๐—ถ๐—ฐ๐—ฎ๐—น ๐—ฝ๐—ฒ๐—ป๐—ฒ๐˜๐—ฟ๐—ฎ๐˜๐—ถ๐—ผ๐—ป ๐˜๐—ฒ๐˜€๐˜๐—ถ๐—ป๐—ด, ๐˜ƒ๐˜‚๐—น๐—ป๐—ฒ๐—ฟ๐—ฎ๐—ฏ๐—ถ๐—น๐—ถ๐˜๐˜† ๐—ฎ๐˜€๐˜€๐—ฒ๐˜€๐˜€๐—บ๐—ฒ๐—ป๐˜๐˜€, and ๐—ฆ๐—ข๐—–-๐—ถ๐—ป๐—ณ๐—ผ๐—ฟ๐—บ๐—ฒ๐—ฑ ๐˜€๐—ฒ๐—ฐ๐˜‚๐—ฟ๐—ถ๐˜๐˜† ๐—ฎ๐—ป๐—ฎ๐—น๐˜†๐˜€๐—ถ๐˜€. With 5+ years of enterprise technical experience, including hands-on SOC operations in a telecom environment. I understand both attacker techniques and defender detection logic. This allows me to simulate realistic attack paths and deliver findings that are actionable, not theoretical. -- ๐—ช๐—ต๐—ฎ๐˜ ๐—œ ๐——๐—ผ ๐—ช๐—ฒ๐—ฏ & ๐—”๐—ฃ๐—œ ๐—ฃ๐—ฒ๐—ป๐—ฒ๐˜๐—ฟ๐—ฎ๐˜๐—ถ๐—ผ๐—ป ๐—ง๐—ฒ๐˜€๐˜๐—ถ๐—ป๐—ด: I perform deep security assessments of web and mobile applications to uncover vulnerabilities such as authentication bypass, injection flaws, access control issues, and insecure file handling. You receive: - A fully structured penetration test report - Verified proof-of-concept exploitation - Risk-based prioritization (CVSS-aligned) - Developer-focused remediation steps ๐—ก๐—ฒ๐˜๐˜„๐—ผ๐—ฟ๐—ธ & ๐—–๐—น๐—ผ๐˜‚๐—ฑ ๐—ฆ๐—ฒ๐—ฐ๐˜‚๐—ฟ๐—ถ๐˜๐˜†: I assess internal and external attack surfaces to identify exposed services, misconfigurations, and weak authentication paths, including cloud environments on AWS. ๐—ฆ๐—œ๐—˜๐—  ๐—˜๐—ป๐—ด๐—ถ๐—ป๐—ฒ๐—ฒ๐—ฟ๐—ถ๐—ป๐—ด & ๐—ง๐—ต๐—ฟ๐—ฒ๐—ฎ๐˜ ๐——๐—ฒ๐˜๐—ฒ๐—ฐ๐˜๐—ถ๐—ผ๐—ป: As a working SOC analyst, I build and tune Splunk / ELK detection pipelines that improve signal-to-noise ratio and highlight real threats instead of alert fatigue. ๐—œ๐—ป๐—ฐ๐—ถ๐—ฑ๐—ฒ๐—ป๐˜ ๐—ฅ๐—ฒ๐˜€๐—ฝ๐—ผ๐—ป๐˜€๐—ฒ & ๐—™๐—ผ๐—ฟ๐—ฒ๐—ป๐˜€๐—ถ๐—ฐ๐˜€: I support security incidents through log analysis, root cause investigation, and structured reporting to help teams contain breaches and understand attack timelines. -- ๐—ช๐—ต๐˜† ๐—›๐—ถ๐—ฟ๐—ฒ ๐— ๐—ฒ ๐—œ๐—ฆ๐—–ยฒ ๐—–๐—ฒ๐—ฟ๐˜๐—ถ๐—ณ๐—ถ๐—ฒ๐—ฑ (๐—–๐—–), ๐—–๐—˜๐—›, ๐—ฎ๐—ป๐—ฑ ๐—š๐—ผ๐—ผ๐—ด๐—น๐—ฒ ๐—–๐˜†๐—ฏ๐—ฒ๐—ฟ๐˜€๐—ฒ๐—ฐ๐˜‚๐—ฟ๐—ถ๐˜๐˜† ๐—–๐—ฒ๐—ฟ๐˜๐—ถ๐—ณ๐—ถ๐—ฐ๐—ฎ๐˜๐—ฒ. I provide ๐—ฐ๐—น๐—ฒ๐—ฎ๐—ฟ ๐—ฐ๐—ผ๐—บ๐—บ๐˜‚๐—ป๐—ถ๐—ฐ๐—ฎ๐˜๐—ถ๐—ผ๐—ป, ๐—ฎ๐—ฐ๐˜๐—ถ๐—ผ๐—ป๐—ฎ๐—ฏ๐—น๐—ฒ ๐—ฟ๐—ฒ๐—ฝ๐—ผ๐—ฟ๐˜๐˜€, and ๐—ณ๐—ฎ๐˜€๐˜ ๐˜๐˜‚๐—ฟ๐—ป๐—ฎ๐—ฟ๐—ผ๐˜‚๐—ป๐—ฑ๐˜€. Every engagement includes ๐—ณ๐—ฟ๐—ฒ๐—ฒ ๐—ฟ๐—ฒ-๐˜๐—ฒ๐˜€๐˜๐—ถ๐—ป๐—ด to verify that identified vulnerabilities have been successfully remediated.

  • Penetration Testing
  • Ethical Hacking
  • Network Penetration Testing
  • Vulnerability Assessment
  • Web App Penetration Testing
  • NIST Cybersecurity Framework
  • Web Application Security
  • Application Security
  • Incident Response Readiness Assessment
  • Cyber Threat Intelligence
  • OWASP
  • Risk Assessment
  • Splunk
  • ELK Stack
  • Amazon ECS for Kubernetes
  • IBM WebSphere
  • SQL Injection Mitigation
  • SOC 1
  • SOC 2
  • Risk Analysis
Muhammad M.

Dubai, United Arab Emirates

$26/hr
5.0
5 jobs

Hi. I am a Penetration Tester or ethical hacker or bug bounty hunter with CEH v12 certified from eccouncil and working as Cyber Security Specialist in a well reputed organization where I manage and review all its security related issues on their products. I am Passionate about streamlining processes through the use of Security scenarios. 3+ years using Python, bash to automate and enrich Cyber Security / IT process. Allowing more time to be spent on high value work, rather than redundant tasks. 6+ years in Cyber Security performing Penetration Testing, Vulnerability Assessment, Ethical Hacking.

  • Penetration Testing
  • Ethical Hacking
  • Firewall
  • Information Security
  • Network Penetration Testing
  • Network Security
  • Vulnerability Assessment
  • Kali Linux
  • Network Monitoring

How it works

Post a job for free Post a job

Tell us what you need. Create your own job post or generate one with AI then filter talent matches.

Hire top talent fast

Consult, interview, and hire quickly, so you can meet the freelancers you're excited about.

Collaborate easily

Use Upwork to chat or video call, share files, and track project progress right from the app.

Payment simplified

Manage payments in one place with flexible billing options. Only pay for approved work, hourly or by milestone.

Don't just take our word for it

How do I hire a Penetration Tester in the United Arab Emirates on Upwork?

You can hire a Penetration Tester in the United Arab Emirates on Upwork in four simple steps:

  • Create a job post tailored to your Penetration Tester project scope. We'll walk you through the process step by step.
  • Browse top Penetration Tester talent on Upwork and invite them to your project.
  • Once the proposals start flowing in, create a shortlist of top Penetration Tester profiles and interview.
  • Hire the right Penetration Tester for your project from Upwork, the world's largest work marketplace.

At Upwork, we believe talent staffing should be easy.

How much does it cost to hire a Penetration Tester?

Rates charged by Penetration Testers on Upwork can vary with a number of factors including experience, location, and market conditions. See hourly rates for in-demand skills on Upwork.

Why hire a Penetration Tester in the United Arab Emirates on Upwork?

As the world's work marketplace, we connect highly-skilled freelance Penetration Testers and businesses and help them build trusted, long-term relationships so they can achieve more together. Let us help you build the dream Penetration Tester team you need to succeed.

Can I hire a Penetration Tester in the United Arab Emirates within 24 hours on Upwork?

Depending on availability and the quality of your job post, it's entirely possible to sign up for Upwork and receive Penetration Tester proposals within 24 hours of posting a job description.