Offensive Security Engineer

We are seeking an exceptional team member who is deeply committed to offensive security practices to join our dynamic team, which is focused on constant and never-ending improvement.

About The Role:

• Collaborate in the strategic planning, design, and execution of Red Team and Purple Team initiatives.
• Conduct comprehensive red team assessments to identify and exploit security weaknesses within the organization's infrastructure, applications, and networks.
• Execute comprehensive Adversarial Simulation / Red Team assessments.
• Document findings meticulously and deliver detailed reports to stakeholders, along with actionable recommendations for remediation.
• Evaluate vendor solutions and recommend security products accordingly.
• Evaluate domain-specific tools to meet business needs, outlining associated estimates, documenting assumptions, and ensuring alignment with relevant roadmaps.
• On call availability
• Collaborate closely with blue team members to enhance defensive capabilities and improve incident response procedures.
• Experienced pentester proficient in assessing security vulnerabilities & misconfigurations within SaaS environments, with a focus on cloud-based infrastructure 
• Develop and execute sophisticated attack scenarios to simulate real-world cyber threats and assess the effectiveness of existing security controls.
• Research emerging threats and vulnerabilities to stay ahead of evolving attack techniques and trends.

Requirements

• Demonstrable adversarial mindset and adept critical thinking skills.
• Minimum of 3 years of hands-on experience in conducting red team operations.
• Proficiency with a range of testing tools such as Metasploit framework, MitM Proxy, CrackMapExec,Qualys, Nessus, Burp Suite, Tanium, Wireshark, TCPdump, etc.
• Competence in securing, administering, 
• Proficiency in scripting and modifying existing code using languages like Perl, Python, Ruby, bash, C/C++, C#, or Java.
• Familiarity with open security testing standards and projects such as OWASP or the MITRE ATT&CK Framework.
• Understanding of adversarial Tactics, Techniques, and Procedures (TTPs).
• Experience in evaluating and testing cloud environments, particularly AWS, GCP, and Azure.
• Deep understanding of Identity and access management concepts.
• Excellent written and verbal communication skills, with experience in diverse and global environments.
• Thorough understanding of security methodologies, technologies, and best practices.

Advantageous:

• Active participation in the security community through avenues like conference speaking or tool development contributions.
• Bachelor’s or Master’s degree in computer science, information systems, or a related field.
• Certifications in penetration testing such as OSCP/E, OSEP, GPEN, CEH, etc.
• Proficiency in programming languages like Python, PHP, PowerShell, Java, Ruby, or others.

#LI-DNI