Lead Offensive Security

Department:

Experience - 5 years

Salary up to 10 LPA

Location : Kochi

Role Summary

The Lead – Offensive Security is a key member of the Security Assurance Team, responsible for evaluating, testing, and enhancing Lulu Retail’s cybersecurity posture. The role plays a critical part in strengthening IT security, improving cyber resilience, and supporting regulatory compliance across cloud and on-premise environments.

Key Responsibilities

Offensive Security Testing

• Plan, execute, and manage periodic offensive security activities, including:
• Vulnerability Assessments
• Penetration Testing (internal & external)
• Wi-Fi Security Testing
• Network Segmentation Testing
• PCI-DSS ASV Scans
• Active Directory Security Audits
• Red Teaming / Adversary Simulation

Cloud & Infrastructure Security

• Perform cloud security assessments for

  AWS and Azure

  , identifying misconfigurations, insecure architecture, and policy gaps.
• Evaluate endpoint, network, and application security controls.

Vulnerability & Risk Management

• Conduct CVE analysis, risk scoring, and prioritization.
• Track remediation progress and verify vulnerability closure.
• Ensure all security testing aligns with compliance requirements and internal security standards.

Collaboration & Advisory

• Work closely with development, DevOps, infrastructure, and IT support teams to:
• Explain identified vulnerabilities
• Recommend mitigation strategies and best practices
• Support secure design and implementation
• Lead meetings with asset owners and project teams to ensure timely remediation.

Reporting & Documentation

• Prepare detailed technical and executive-level security assessment reports.
• Document findings, recommendations, and remediation timelines.

Required Qualifications

Education

• Bachelor’s degree in

  Computer Science

  ,

  Information Security

  , or a related discipline.

Experience

• Minimum

  3 years

  of hands-on experience in cybersecurity, penetration testing, or offensive security roles.

Certifications (Preferred)

• CEH
• ECSA
• CHFI
• Other recognized offensive security or penetration testing certifications (e.g., OSCP, OSWP, OSCE, GPEN).

Technical Skills

• Strong understanding of:
• Penetration Testing methodologies
• Vulnerability Assessment & Patch Management
• Advanced cyber threats and mitigation techniques
• Proficiency with IT security tools/platforms:
• Anti-malware, Firewalls, IDS/IPS, DLP
• Web Proxies, Email Security
• Cloud Security (AWS & Azure)
• Privileged Access Management
• IAM & Identity Security
• Experience with frameworks/standards:
• OWASP
• NIST 800-64
• PCI-DSS
• ISO 27001
• GDPR

Soft Skills

• Excellent communication and stakeholder-management skills
• Strong analytical and problem-solving abilities
• Solid organizational and time-management skills
• Ability to work well independently as well as collaboratively within a team