22 Offensive Security Jobs

As a Senior Manager at Adobe Product Security Engineering, you will play a crucial role in shaping and leading the Offensive Security, DAST, and Vulnerability Management charter. Your responsibilities will include: - Joining the Adobe India Security Leadership team to define and drive the strategy for Offensive Security, DAST, and Vulnerability Management. - Leading the development of internal offensive security tooling and DAST capabilities. - Collaborating with various teams to create a unified model for continuous large-scale scanning and detection. - Managing and developing a global team of security experts to advance company-wide vulnerability management, DAST, and offensive security programs. - Working with cross-functional partners globally to enhance detection and remediation at scale. - Implementing strategic remediation approaches, prioritizing critical fixes, and aligning goals with business priorities. To succeed in this role, you will need: - A Bachelors or advanced degree in Information Technology, Computer Science, or a related field. - 15-18 years of experience in enterprise-level offensive security, security tooling development, global vulnerability management, and Dynamic Application Security Testing (DAST), with at least 3 years in a leadership role. - Deep expertise in industry-wide vulnerabilities, emerging attack trends, CVEs, and remediation strategies. - Understanding of OWASP methodologies, bug bounty experience, and penetration testing. - Knowledge of threat landscape, common TTPs, and strong interpersonal, communication, and leadership skills. - Proven ability to build and lead high-performing teams and foster cross-functional collaboration at scale. Adobe offers internal opportunities for career growth through creativity, curiosity, and continuous learning. You can update your Resume/CV and Workday profile to include your Adobe experiences and volunteer work, explore roles through the Internal Mobility page, and prepare for interviews. The Talent Team will reach out within 2 weeks of applying via Workday, and if you progress to the official interview process, inform your manager for support. Join Adobe for an exceptional work environment, ongoing feedback culture, and meaningful benefits. Make an impact and explore career experiences shared by employees on the Adobe Life blog. Adobe is committed to accessibility, and if you require accommodation, reach out to accommodations@adobe.com or call (408) 536-3015.,

Job Description Role : Offensive Security Location: Mumbai/Hyderabad/Chennai Qualification & Experience M.Tech/B.E. /B.Tech/MCA/BCA/BSC More than 4 years of experience in conducting Red Team and offensive security. Certifications in different Security products, ITIL, CEH, OSCP, OSCE, OSWE, SANS/GIAC etc. would be an added advantage. Job Responsibilities: 2-6 years of experience in Pentest, Red Team, offensive security engagements. Deep understanding of network, web and API security vulnerabilities and mitigation. Good understanding on Active directories and ways of exploitation. In-Depth knowledge of Linux operating system. Ability to model threats and risks for large and complex systems. Good knowledge of IPS/IDS, Firewalls, WAF, Switch and Router. Advance knowledge on Authentication, security protocols, Cryptography etc. Ability to think critically and identify areas of technical and non-technical risk. Ability to write technical reports and communicate technical content to non-technical audiences. Relevant security certification i.e. OSCP, OSCE, OSWE, SANS/GIAC, Published CVEs is an added advantage. Good understanding and experience in offensive security tools and techniques i.e. Metasploit, Burpsuite, Armitage, MITRE ATT&CK Framework. Knowledge in one of the scripting language. Has basic knowledge to write exploits for known vulnerabilities.

Kroll is a global leader in risk and financial advisory solutions. The company's Offensive Security professionals focus on discovering and mitigating unique security risks for clients worldwide, using cutting-edge tools and expert knowledge to find vulnerabilities in networks, systems, and software. Role & Responsibilities The Senior Consultant will report to a Principal Consultant in India and play a central role in Kroll's cybersecurity practice. This position combines technical leadership with client-facing responsibilities and mentorship. Project Leadership & Execution: Lead and deliver various offensive security engagements, including web, mobile, API, and network penetration tests . You'll be the technical authority for both clients and your team. Client Management & Scoping: Act as the technical leader for client engagements. This involves scoping solutions to their cybersecurity challenges and serving as a security subject matter expert. You will also solution and scope new projects, such as penetration tests and cloud security projects. Team Leadership & Mentorship: Lead the technical delivery of engagements by defining the execution strategy , delegating tasks to junior team members (Associate Consultants and Consultants), and providing them with feedback and mentorship. You will serve as a role model for their career growth. Strategic Initiatives: Contribute to the growth and evolution of the practice by executing internal strategic initiatives and thinking strategically about ways to improve the team. Essential Traits & Prerequisites Kroll is looking for a candidate with a strong background in offensive security and the soft skills to lead and mentor a team. Experience: A minimum of 6+ years in cybersecurity. At least 3+ years specifically in penetration testing, application security, or red teaming. Proven ability to lead and deliver cybersecurity engagements. Experience working both independently and as part of a team. Technical Expertise: Expert knowledge of key offensive and defensive security domains, including application security, cloud security, and infrastructure security . High degree of adaptability, being tool- and industry-agnostic. Education & Soft Skills: A Bachelor's degree or college diploma in information security, computer science, engineering, or a related field. Excellent oral and written communication skills are essential. The willingness to be generous with your knowledge and patient with junior team members is a critical trait for this role.

Kroll is a global leader in risk and financial advisory solutions. The company's Offensive Security professionals focus on discovering and mitigating unique security risks for clients worldwide, using cutting-edge tools and expert knowledge to find vulnerabilities in networks, systems, and software. Role & Responsibilities The Senior Consultant will report to a Principal Consultant in India and play a central role in Kroll's cybersecurity practice. This position combines technical leadership with client-facing responsibilities and mentorship. Project Leadership & Execution: Lead and deliver various offensive security engagements, including web, mobile, API, and network penetration tests . You'll be the technical authority for both clients and your team. Client Management & Scoping: Act as the technical leader for client engagements. This involves scoping solutions to their cybersecurity challenges and serving as a security subject matter expert. You will also solution and scope new projects, such as penetration tests and cloud security projects. Team Leadership & Mentorship: Lead the technical delivery of engagements by defining the execution strategy , delegating tasks to junior team members (Associate Consultants and Consultants), and providing them with feedback and mentorship. You will serve as a role model for their career growth. Strategic Initiatives: Contribute to the growth and evolution of the practice by executing internal strategic initiatives and thinking strategically about ways to improve the team. Essential Traits & Prerequisites Kroll is looking for a candidate with a strong background in offensive security and the soft skills to lead and mentor a team. Experience: A minimum of 6+ years in cybersecurity. At least 3+ years specifically in penetration testing, application security, or red teaming. Proven ability to lead and deliver cybersecurity engagements. Experience working both independently and as part of a team. Technical Expertise: Expert knowledge of key offensive and defensive security domains, including application security, cloud security, and infrastructure security . High degree of adaptability, being tool- and industry-agnostic. Education & Soft Skills: A Bachelor's degree or college diploma in information security, computer science, engineering, or a related field. Excellent oral and written communication skills are essential. The willingness to be generous with your knowledge and patient with junior team members is a critical trait for this role.

Job Description Summary role description: Hiring for a Head of Cybersecurity - India Business for a global digital transformation and cybersecurity provider. Company description: Our client is a global digital transformation and cybersecurity provider with decades of experience, serving over 300 clients across industries. They help organizations navigate complex business and technology challenges by providing innovative solutions in areas such as AI, cloud, data, automation, and cybersecurity. Known for their expertise and recognized in the industry, their teams work closely with clients to drive business growth, operational efficiency, and secure transformation. Role details: Title / Designation : Head of Cybersecurity - India Business Location: India (Bengaluru/Mumbai/Pune preferred) Role & responsibilities: Define and execute the India Cybersecurity growth strategy aligned with global objectives and manage full P&L responsibility. Drive revenue via new clients, strategic accounts, and partnerships. Build and lead high-performing sales and presales teams. Engage CISOs and executives in large pursuits and complex deals. Oversee presales, solutioning, proposals, and client workshops. Align sales and technical teams to deliver client-focused solutions. Strengthen client relationships for long-term business impact. Collaborate with delivery leaders to ensure client success. Proven cybersecurity sales leadership, business development, and strategic account growth experience. Candidate requirements: 20+ years of experience in IT services or cybersecurity consulting, including 5+ years in a leadership role. Proven track record of growing a ?100Cr+ cybersecurity services business in India with strong P&L ownership. Demonstrated success in new client acquisition and enterprise account expansion. Represent the company as a thought leader in industry forums, webinars, and conferences. Ability to engage credibly with CISOs, CIOs, and Boards on security strategy, compliance, and digital transformation. Strong understanding of the India cybersecurity market across BFSI, Manufacturing, Telecom, and other industries. Deep knowledge of key cybersecurity offerings such as MDR, SOC, IAM, Cloud Security, GRC, Offensive Security, VAPT, and SVS. Selection process: Interview by CGO Interview by CHRO Interview by CEO Interview by PE HR discussion Benefits Check Your Resume for Match Upload your resume and our tool will compare it to the requirements for this job like recruiters do.

Job Description Summary role description: Hiring for a Head of Cybersecurity - India Business for a global digital transformation and cybersecurity provider. Company description: Our client is a global digital transformation and cybersecurity provider with decades of experience, serving over 300 clients across industries. They help organizations navigate complex business and technology challenges by providing innovative solutions in areas such as AI, cloud, data, automation, and cybersecurity. Known for their expertise and recognized in the industry, their teams work closely with clients to drive business growth, operational efficiency, and secure transformation. Role details: Title / Designation : Head of Cybersecurity - India Business Location: India (Bengaluru/Mumbai/Pune preferred) Role & responsibilities: Define and execute the India Cybersecurity growth strategy aligned with global objectives and manage full P&L responsibility. Drive revenue via new clients, strategic accounts, and partnerships. Build and lead high-performing sales and presales teams. Engage CISOs and executives in large pursuits and complex deals. Oversee presales, solutioning, proposals, and client workshops. Align sales and technical teams to deliver client-focused solutions. Strengthen client relationships for long-term business impact. Collaborate with delivery leaders to ensure client success. Proven cybersecurity sales leadership, business development, and strategic account growth experience. Candidate requirements: 20+ years of experience in IT services or cybersecurity consulting, including 5+ years in a leadership role. Proven track record of growing a ?100Cr+ cybersecurity services business in India with strong P&L ownership. Demonstrated success in new client acquisition and enterprise account expansion. Represent the company as a thought leader in industry forums, webinars, and conferences. Ability to engage credibly with CISOs, CIOs, and Boards on security strategy, compliance, and digital transformation. Strong understanding of the India cybersecurity market across BFSI, Manufacturing, Telecom, and other industries. Deep knowledge of key cybersecurity offerings such as MDR, SOC, IAM, Cloud Security, GRC, Offensive Security, VAPT, and SVS. Selection process: Interview with CGO Interview with CHRO Interview with CEO Interview with PE HR discussion Check Your Resume for Match Upload your resume and our tool will compare it to the requirements for this job like recruiters do.

Job Description Summary role description: Hiring for a Head of Cybersecurity - India Business for a global digital transformation and cybersecurity provider. Company description: Our client is a global digital transformation and cybersecurity provider with decades of experience, serving over 300 clients across industries. They help organizations navigate complex business and technology challenges by providing innovative solutions in areas such as AI, cloud, data, automation, and cybersecurity. Known for their expertise and recognized in the industry, their teams work closely with clients to drive business growth, operational efficiency, and secure transformation. Role details: Title / Designation : Head of Cybersecurity - India Business Location: India (Bengaluru/Mumbai/Pune preferred) Role & responsibilities: Define and execute the India Cybersecurity growth strategy aligned with global objectives and manage full P&L responsibility. Drive revenue via new clients, strategic accounts, and partnerships. Build and lead high-performing sales and presales teams. Engage CISOs and executives in large pursuits and complex deals. Oversee presales, solutioning, proposals, and client workshops. Align sales and technical teams to deliver client-focused solutions. Strengthen client relationships for long-term business impact. Collaborate with delivery leaders to ensure client success. Proven cybersecurity sales leadership, business development, and strategic account growth experience. Candidate requirements: 20+ years of experience in IT services or cybersecurity consulting, including 5+ years in a leadership role. Proven track record of growing a ?100Cr+ cybersecurity services business in India with strong P&L ownership. Demonstrated success in new client acquisition and enterprise account expansion. Represent the company as a thought leader in industry forums, webinars, and conferences. Ability to engage credibly with CISOs, CIOs, and Boards on security strategy, compliance, and digital transformation. Strong understanding of the India cybersecurity market across BFSI, Manufacturing, Telecom, and other industries. Deep knowledge of key cybersecurity offerings such as MDR, SOC, IAM, Cloud Security, GRC, Offensive Security, VAPT, and SVS. Selection process: Interview with CGO Interview with CHRO Interview with CEO Interview with PE HR discussion Check Your Resume for Match Upload your resume and our tool will compare it to the requirements for this job like recruiters do.

You will be responsible for performing threat models and architecture reviews for complex projects. Additionally, you will conduct penetration testing on a wide range of technologies and communicate your findings effectively through high-quality reports and presentations. Your role will also involve providing guidance and education to partnering teams, building relationships, influencing and improving security culture through various initiatives such as presentations and training sessions. Furthermore, you may participate in or lead Red Team operations against large organizations within Apple, support partnering blue teams in responding to threats, and enhancing detections. You will be expected to develop tooling to support your primary responsibilities and deliver security campaigns and initiatives to enhance the security posture of the organization. To be considered for this role, you should have experience in performing threat models or architecture reviews, a strong ability to penetration test applications, infrastructure, and cloud environments, and a solid understanding of fundamental networking and security concepts. Proficiency in programming/scripting languages such as Go, Java, JavaScript, Python, etc., as well as the ability to read and audit various programming languages, will be essential. Familiarity with MacOS and other Unix-based systems, knowledge of cloud architecture and security, and a BSc in Computer Science or equivalent qualification are desired qualifications. Preferred qualifications for this position include OSCP or OSWE certification, experience with CTFs or hacking labs, securing and pentesting mobile applications, participating in or leading red teams or similar offensive security engagements, and having publications, security research, bug bounties, or CVEs to your credit. Experience in presenting to both technical and non-technical audiences, a passion for information security, the ability and motivation to learn new skills, concepts, and technologies, excellent written and verbal communication skills, and the ability to take ownership of security problems and drive remediation to completion will be highly valued. You should be self-motivated, able to work independently and as part of a global team, and have the ability to grasp large sophisticated systems and context-switch when needed. Additionally, you must be willing to work from both the office and home, with some international travel may be required. If you meet the qualifications and are interested in this opportunity, please submit your CV for consideration.,

You have an exciting opportunity to advance your career as a Cybersecurity Architect III at JPMorgan Chase within the Adversarial Insights team in the Cybersecurity & Control team. In this role, you will be part of a dedicated team focused on addressing cybersecurity challenges and strengthening our security posture. Your responsibilities will include participating in design and implementation review workshops from an adversarial perspective, conducting security reviews, and suggesting technical controls to protect our critical infrastructure from both internal and external threats. You will collaborate with product security and engineering teams to evaluate strategic solutions for various technologies such as on-premises, cloud, Blockchain, and AI/ML. Engaging in architecture reviews will allow you to interact with stakeholders and make valuable contributions to our cybersecurity initiatives. Furthermore, you will be involved in conducting thorough analyses of security and process gaps, offering insights and recommendations to senior leadership. Your role will also entail identifying security vulnerabilities through an adversary-led approach, assessing security controls, and proposing risk mitigation strategies. Building strong relationships with stakeholders and delivering exceptional service during and after architecture reviews are key aspects of this position. You will have the opportunity to work collaboratively towards common objectives and contribute to the development of strategic security solutions that support JPMC businesses. Job Responsibilities: - Conduct security configuration, deployment, design, and architecture reviews to ensure alignment with organizational policies and standards. - Collaborate with product teams across different technology domains to assess architecture and deployment patterns for compliance with security methodologies. - Identify security weaknesses in product attack surfaces, verify security controls, and recommend risk mitigation strategies. - Coordinate remediation efforts with stakeholders to address thematic issues. - Provide outstanding service to stakeholders throughout architecture reviews. - Collaborate effectively to establish meaningful relationships and accomplish shared goals. - Contribute to the creation of strategic security solutions that benefit JPMC businesses. Required Qualifications, Capabilities, and Skills: - Formal training or certification in Cybersecurity concepts with at least 3 years of applied experience. - Proficiency in application, data, and infrastructure architecture disciplines. - Strong analytical skills with the ability to perform root cause analysis. - Hands-on experience in offensive security, including penetration testing and red teaming. - Proficiency in Python or other scripting languages. - Expertise in security design/architecture reviews and code review/threat modeling at an enterprise level for a minimum of 2 years. - Experience in areas such as Data Security, Infrastructure Security, Application Security, Cloud Security, Endpoint/Platform Security, Security Analytics, and security testing or compliance frameworks. - Strategic thinking skills with a keen interest in business strategy and processes. Preferred Qualifications, Capabilities, and Skills: - Familiarity with Microservices Architecture, Multi-Cloud environments (AWS, GCP, Azure), and OAuth.,

Ready to shape the future of work At Genpact, we don&rsquot just adapt to change&mdashwe drive it. AI and digital innovation are redefining industries, and we&rsquore leading the charge. Genpact&rsquos , our industry-first accelerator, is an example of how we&rsquore scaling advanced technology solutions to help global enterprises work smarter, grow faster, and transform at scale. From large-scale models to , our breakthrough solutions tackle companies most complex challenges. If you thrive in a fast-moving, tech-driven environment, love solving real-world problems, and want to be part of a team that&rsquos shaping the future, this is your moment. Genpact (NYSE: G) is an advanced technology services and solutions company that delivers lasting value for leading enterprises globally. Through our deep business knowledge, operational excellence, and cutting-edge solutions - we help companies across industries get ahead and stay ahead. Powered by curiosity, courage, and innovation , our teams implement data, technology, and AI to create tomorrow, today. Get to know us at and on , , , and . Inviting applications for the role of Senior Manager- Offensive Security Engineer We are seeking a highly skilled and experienced offensive security engineer to join our team. The ideal candidate will have at relevant experience in the security testing domain, with offensive security engagements . Responsibilities: Offensive Security Engagements: Conduct system-level and network-level red team exercises along with penetration testing activities. Tool Proficiency: Utilize offensive security tools and frameworks like Metasploit, Burp Suite, custom exploit tools, and more. Documentation & Reporting: Ensure comprehensive documentation of assessment findings along with remediation recommendations. Research & Development: Develop new attack vectors and exploit techniques while validating their effectiveness. Collaboration: Work closely with development teams and other security teams to ensure effective communication and collaboration. Project Management: Manage multiple projects simultaneously while maintaining high organizational standards. Qualifications we seek in you! Minimum Qualifications Relevant years of experience working on offensive security engagements and security testing domain Excellent proficiency with OWASP, MITRE, Generative AI security, offensive security tools, penetration testing, and red teaming frameworks Experience using tools such as Metasploit, Burp Suite, custom exploit tools and s tay updated with the latest security trends, tools and strategies. Strong problem-solving skills for researching, developing, and validating new attack vectors Excellent written and verbal communication skills for clear documentation Highly organized individual capable of managing multiple projects simultaneously Effective communication skills for collaborating closely with development teams Preferred Qualifications/ Skills Proven track record in executing high-risk ethical hacks on both internal and external applications globally Experience integrating MITRE ATT&CK framework TTPs into red team exercises for emulating advanced threat actors Proficiency in creating scripts or frameworks designed for complex undetectable attacks Ability to coordinate operational briefings alongside presentations tailored for nontechnical audiences including executive management Support during security incidents by identifying root causes while recommending detection measures alongside prevention measures Perform research on emerging technologies while designing frameworks suited for red team exercises involving new technologies Must be flexible with work timings. Why join Genpact Be a transformation leader - Work at the cutting edge of AI, automation, and digital innovation Make an impact - Drive change for global enterprises and solve business challenges that matter Accelerate your career - Get hands-on experience, mentorship, and continuous learning opportunities Work with the best - Join 140,000+ bold thinkers and problem-solvers who push boundaries every day Thrive in a values-driven culture - Our courage, curiosity, and incisiveness - built on a foundation of integrity and inclusion - allow your ideas to fuel progress Come join the tech shapers and growth makers at Genpact and take your career in the only direction that matters: Up. Let&rsquos build tomorrow together. Genpact is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color , religion or belief, sex, age, national origin, citizenship status, marital status, military/veteran status, genetic information, sexual orientation, gender identity, physical or mental disability or any other characteristic protected by applicable laws. Genpact is committed to creating a dynamic work environment that values respect and integrity, customer focus, and innovation. Furthermore, please do note that Genpact does not charge fees to process job applications and applicants are not required to pay to participate in our hiring process in any other way. Examples of such scams include purchasing a %27starter kit,%27 paying to apply, or purchasing equipment or training.

Role Overview As Senior Mananger/AVP Offensive security services, you will provide strategic and technical leadership for NopalCybers Offensive Security practice. You will lead and evolve core services such as Penetration Testing, Red Teaming, Application Security Assessments, BAS, AI Security and Threat Simulation. This role requires deep technical expertise, engagement leadership, and the ability to influence C-level clients while driving operational excellence across service delivery. You will be accountable for the scaling, maturity, and quality of offensive security services across multiple client environments, and responsible for shaping the offensive security roadmap, delivery methodologies, and team capability development. Key Responsibilities Own and lead the Offensive Security & VAPT function, including service line P&L, strategic delivery roadmap, team management, and client satisfaction. Architect and oversee enterprise-scale VAPT and red team engagements, driving delivery excellence across infrastructure, applications, APIs, mobile, and cloud environments. Engage directly with senior client stakeholders (CISOs, CTOs, Risk Leaders) to translate business risk into actionable technical assessments and recommend mitigation strategies. Define testing frameworks and reusable methodologies to standardize and elevate delivery across projects, including red teaming, threat emulation, and advanced attack simulations. Direct a high-performing offensive security team, including Red Teamers, AppSec specialists, and security testers, ensuring their continuous development and engagement. Lead strategic threat modeling and secure design reviews in collaboration with clients' architecture and engineering teams, integrating security into early lifecycle stages. Govern quality of deliverables, including technical findings, risk summaries, and executive-ready reports, ensuring alignment with business impact and remediation feasibility. Drive operational excellence across testing engagements, ensuring timelines, SLAs, and KPIs (e.g., MTTR, false positive rate, TTP coverage) are consistently met or exceeded. Spearhead R&D initiatives to evaluate emerging threats, tools, and offensive capabilities relevant to client environments and evolving attack surfaces. Collaborate with cross-functional internal teams (MXDR, GRC, Incident Response, Product) to align offensive security outputs with broader risk and advisory services. Represent NopalCyber at industry forums, client executive reviews, and security advisory boards as a trusted expert in offensive cybersecurity. Required Qualifications Bachelor&aposs degree in Engineering, Computer Science, or a related field; a Masters is preferred. 1218 years of experience in cybersecurity with at least 5 years in leadership roles across VAPT, Red Team, or Application Security domains. Demonstrated experience managing technical delivery and strategic outcomes for multiple clients or large-scale programs. Preferred Certifications Mandatory: OSCP, CEH Highly Desirable: OSCE, OSWE, GPEN, GWAPT, GCIH, GXPN, CISSP Desired Skills In-depth understanding of modern attack vectors, OWASP Top 10, MITRE ATT&CK, and real-world exploitation techniques. Strong command of tools such as Burp Suite Pro, Cobalt Strike, Metasploit, Nmap, Kali Linux, AppDetective, and WebInspect. Proficiency in cloud security testing across AWS, Azure, or GCP; experience with containerized and microservices-based environments. Hands-on exposure to reviewing or attacking applications built using C++, Java, Python, Go, JavaScript, and working within Kubernetes or CI/CD pipelines. Capability to present complex technical findings in clear, business-relevant language to executive stakeholders. Leadership Attributes Strategic thinker with a track record of scaling cybersecurity programs or service lines. Proven ability to lead, mentor, and retain high-performing technical teams. Exceptional client engagement and communication skills. Ability to influence and collaborate across teams and functions to drive security outcomes. #PenetrationTesting #RedTeamOperations #ApplicationSecurity #OffensiveSecurity #CybersecurityLeadership #CloudSecurity #ThreatModeling #OWASP #StakeholderManagement #OSCP #MITREATTACK Show more Show less

As a seasoned professional in the field of cybersecurity, you will be responsible for leading and managing large, complex penetration testing and security testing engagements from start to finish. Your role will involve serving as the primary technical and engagement lead for key client accounts, ensuring timely delivery, maintaining quality assurance, and facilitating stakeholder communication throughout project lifecycles. Furthermore, you will play a crucial role in providing mentorship and guidance to junior and mid-level consultants. In terms of technical execution, you will be expected to perform and review a wide range of security assessments including web, mobile, API, network, cloud, and configuration security assessments. It is essential to uphold technical excellence across multiple service lines by staying abreast of the latest vulnerabilities, tools, and attack techniques. Additionally, you will be involved in conducting business logic reviews, threat modeling, and red teaming exercises as necessary. Client engagement is a key aspect of this role, where you will act as a trusted advisor to clients by offering strategic security recommendations and actionable insights. This may involve participating in onsite visits, workshops, and executive-level presentations, as well as handling sensitive engagements with professionalism and discretion. Your support in presales activities will be invaluable, as you contribute to RFP responses, proposal writing, and technical solutioning. You will also be expected to participate in client sales meetings and scoping discussions, providing accurate effort estimations and assisting in defining delivery models. In terms of practice development, your input will be essential in refining security testing services and methodologies. You will be instrumental in driving internal initiatives aimed at enhancing quality, efficiency, and innovation in service delivery. Additionally, creating technical content, whitepapers, or knowledge base articles to support team growth will be part of your responsibilities. To excel in this role, you should possess a minimum of 5 years of hands-on experience in penetration testing or offensive security, with a proven track record of leading complex security assessments for large clients. Expertise in a variety of areas such as Web, Mobile, Network, API, Cloud, Configuration Reviews, and Red Teaming is required. Familiarity with security standards like OWASP, PTES, NIST, and MITRE ATT&CK is highly desirable. Strong communication and client-facing skills are essential, as well as experience in supporting presales efforts, including proposals, SOWs, and client discussions. Possessing certifications such as OSCP, OSWA, CRTO, CREST CRT/CCT, or similar will be advantageous. Key competencies for success in this role include accountability, effective oral and written communication, strong analytical skills, passion for cybersecurity, and adaptability to evolving security landscapes.,

Join our diverse team as we embark on our roadmap to strengthen Macquarie's security posture. You will collaborate with a team of security professionals to deliver complex offensive security engagements and contribute to Macquarie's security practices at both tactical and strategic levels. At Macquarie, our advantage is bringing together diverse people and empowering them to shape all kinds of possibilities. We are a global financial services group operating in 31 markets and with 56 years of unbroken profitability. You'll be part of a friendly and supportive team where everyone - no matter what role - contributes ideas and drives outcomes. You will be responsible for executing penetration tests, evaluating findings, reporting results, providing remediation advice, and improving security testing processes. Additionally, you will contribute to Macquarie's security practices at both tactical and strategic levels. What You Offer: - Strong hands-on experience of 9 to 13 years in either security testing or software development. - A solid theoretical background in offensive security subjects, such as web application security, mobile security, and infrastructure security (including cloud and containers) and thick client application. - A willingness to learn, discover, and apply the latest offensive security tactics, techniques, and procedures. - The ability to perform thorough analyses and strive to identify the root causes behind vulnerabilities. - The ability to effectively convey technical insights to both technical and non-technical audiences, including C-level executives, through written and verbal communication. - Practical certifications such as BSCP, CBBH, CPTS, OSCP, or OSWE are considered an advantage. We love hearing from anyone inspired to build a better future with us, if you're excited about the role or working at Macquarie we encourage you to apply. Macquarie employees can access a wide range of benefits which, depending on eligibility criteria, include: - Hybrid and flexible working arrangements - One wellbeing leave day per year - Up to 20 weeks paid parental leave as well as benefits to support you as you transition to life as a working parent - Paid volunteer leave and donation matching - Other benefits to support your physical, mental and financial wellbeing - Access a wide range of learning and development opportunities Technology enables every aspect of Macquarie, for our people, our customers, and our communities. We're a global team that is passionate about accelerating the digital enterprise, connecting people and data, building platforms and applications, and designing tomorrow's technology solutions.,

As part of its mission to detect and monitor vulnerabilities of all Safran' systems exposed over the Internet, the cybersecurity team of the Digital and Information System Department needs to reinforce its vulnerability assessment team. The objective of the job is to detect vulnerabilities affecting Safran's assets exposed on the internet in order to reduce the attack surface . By using a scalable means of continuously monitoring, you will identify risky elements and define efficient remedial action. Role & responsibilities Assets Discovery: - Use ASM platform to discover and continuously monitor Safran's technical assets exposed on the Internet. - Follow the evolution of these assets over time - Complete inventory of Safran's internet assets Vulnerability assessment: - Detect Vulnerabilities and policy violations - Evaluate supplier risk and assess the security of acquired companies. - Identify critical vulnerabilities in assets that cyber attackers could exploit - Investigate and recommend appropriate corrective actions - Detect false positive using tools or manual methods - Directly report to operational team when a vulnerability is detected - Review escalated cases until closure Vulnerability reporting: - Ensure an appropriate reporting - Prepare meetings and draw reports - Monthly meetings with different stakeholders (with operational teams, CISO, cybersecurity team) Preferred candidate profile Cortex Xpanse - Attack Surface Management platform. SecurityScorecard - Security Ratings & Cybersecurity Risk platform

Malware & Threat Intelligence Research – Offensive Security Researcher https://zrec.in/5789h?source=CareerSite

Apply on company website- https://zrec.in/hIRJh?source=CareerSite

Job Title: Manager - Offensive Security (IC Role / Operational Lead) We're seeking a highly skilled offensive security specialist to lead and drive offensive security operations within our cybersecurity program. While this is an individual contributor (IC) position, the title Manager reflects the role's strategic and operational leadership - not people management. The ideal candidate will have 5-7 years of hands-on experience in red teaming, adversary simulation, or penetration testing, with a strong grasp of attack techniques and the ability to plan, coordinate, and execute advanced offensive assessments. You will be responsible for shaping offensive engagements, guiding technical direction, collaborating with internal teams, and ensuring that offensive operations align with real-world threats and business risk. If you're a technically strong operator who can lead from the front , connect offensive insights to organizational impact, and drive continuous improvement in testing capabilities, this role is for you. Key Responsibilities: Lead offensive security operations end-to-end - from scoping and planning to execution and reporting. Design, coordinate, and execute advanced attack simulations aligned to the MITRE ATT&CK framework. Develop and lead Red Team and adversary emulation campaigns across infrastructure, applications, and cloud environments. Identify and exploit security gaps using real-world TTPs including privilege escalation, lateral movement, and domain dominance. Collaborate closely with defensive teams during Purple Team exercises to enhance detection and response capabilities. Own and improve Red Team methodologies, tools, playbooks, and workflows. Deliver high-quality technical reports and executive-level summaries with clear articulation of attack paths, risks, and mitigations. Stay ahead of the curve on evolving attacker techniques and incorporate them into offensive strategy. Mentor junior red teamers and act as the primary technical escalation point for offensive assessments. Represent offensive operations in internal security reviews and technical steering meetings. Experience: 5-7 years of hands-on experience in Red Teaming, Penetration Testing, or Offensive Security roles. Proven experience in leading complex offensive assessments across enterprise environments. Experience in managing offensive operations, engagement lifecycle, and cross-team coordination. Technical Skills: Deep understanding of Windows and Linux internals, enterprise AD security, and cloud attack surfaces. Proficient in lateral movement techniques, domain escalation, Kerberoasting, delegation abuse, and token manipulation. Comfortable with C2 frameworks (e.g., Cobalt Strike, Sliver, Mythic) and OPSEC-aware post-exploitation. Hands-on experience with tools like BloodHound, Mimikatz, Rubeus, Responder, SharpHound, Burp Suite, etc. Strong familiarity with the MITRE ATT&CK framework and applying it operationally. Scripting experience in PowerShell, Python, or Bash for PoCs, tooling, or automation. Communication & Reporting: Strong technical documentation and reporting skills - ability to translate offensive findings into structured, actionable reports. Ability to confidently present findings, attack paths, and risk narratives to both technical and leadership stakeholders. Skilled in articulating the business impact of technical vulnerabilities and threat scenarios. Preferred Qualifications: Experience leading Purple Team engagements and cross-functional security exercises. Exposure to threat intelligence-led Red Teaming methodologies (e.g., TIBER-EU, CBEST). Familiarity with Application Security (AppSec) testing methodologies. Exposure to AI/ML Red Teaming or adversarial testing of AI models and pipelines. Understanding of EDR/AV evasion, payload delivery, and defense bypass strategies. Experience in building offensive tools or attack automation frameworks. Relevant certifications: OSCP, CRTO, CRTP, OSEP , or equivalent.

Dear Candidate, Greetings from Northern Trust! Northern Trust is currently having an exciting vacancy of Associate, Cyber Security position for our Pune location. Your profile seems to be matching the requirement. Please find below the company and job details for your reference Company Details: Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889. Northern Trust is proud to provide innovative financial services and guidance to the worlds most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the worlds most sophisticated clients using leading technology and exceptional service. Job Role: Associate, Cyber Security Job Location: Pune Experience: 4 to 8 years Skills: Security operations, Offensive Security, ServiceNow, OSCP Job Description: Role/ Department: The Purple Team Analyst will work as part of the wider Global Threat Management team in the continuous development of the cyber operations program. The purple team will work very closely with The Global Threat Management Team. The Global Threat Management Team is responsible for vulnerability management, threat technology management and security monitoring. The key responsibilities of the role include: Working with the wider technology teams to improve technology hygiene and reduce the attack surface. Design and run exercise campaigns based on industry specific threat intelligence and vulnerabilities. Provide continuous learning and training opportunities for the Global Threat Management team as a result of continuous exercise campaigns. Act as an integral driver of the cyber operations development programme, benchmarking results against industry standard frameworks including MITRE and NIST. Configure and safely utilize attack tools, tactics, and procedures against a simulation lap. Develop scripts, tools, or methodologies to enhance purple teaming capabilities. Help to execute the Purple Team strategy to further enhance the security posture of the firm. Effectively communicate findings and strategy to stakeholders including technical staff, executive leadership. Skills/ Qualifications: Relevant experience in information security and adversary simulation. Detailed knowledge of global cyber threats, threat actors, and the tactics, techniques and procedures used by cyber adversaries, specifically those targeting the financial services sector. Experience in large scale information technology implementations and operations preferred. Industry certifications such as OSCP, OSCE, OSWE, GPEN, GCIH, GWAPT, or GXPN. Proficient in exploitation and post exploitation frameworks such as Cobalt Strike, Metasploit Framework, Empire. Proficient in one or more of the following scripting languages (Python, PowerShell, Bash, Ruby) Advanced knowledge of Windows Operating System architecture and internals. Strong knowledge of core Information Technology concepts such as TCP/IP networking, Windows & Active Directory, Unix/Linux, Mainframe, Cloud Service Providers, Relational Databases, Data Warehouses, and filesystems. If you are interested to pursue this opportunity further, kindly respond back with your resume and details at the earliest. Regards, Northern Trust Talent Acquisition Team

Location: Mumbai (Candidates should be born and brought up in Mumbai) Experience: 5-7 years Notice Period: Immediate to 30 days ________________________________________ We are seeking a Pen tester (Penetration Testing) to join our cybersecurity team. The ideal candidate will have proven experience in penetration testing, vulnerability assessment, and offensive security operations. Key Responsibilities: Conduct penetration testing on web applications, ERP, SAP systems, and infrastructure assets. Draft business risk-oriented reports and assist teams in mitigating identified vulnerabilities. Contribute to the creation and implementation of security tools to secure the Saint-Gobain environment. Participate in Red Team and Purple Team exercises. Define and implement quality and performance metrics for the cybersecurity roadmap. Qualifications: Educational Background: Bachelors degree in Computer Science or Information Security; relevant certifications (e.g., OSCP, CRTP, CompTIA Security+) are a plus. Technical Expertise: Hands-on experience in web application and API penetration testing tools. Knowledge Areas: o Strong understanding of OWASP Top 10 or SANS Top 25. o Familiarity with malware, TCP/UDP packets, IDS/IPS, web proxies, SIEM, DNS security, and firewalls. o Basic knowledge of ERP and SAP systems. o Mobile and thick client application penetration testing. Skills: Scripting experience (e.g., Python, Bash, Powershell, C#) for automation. Participation in CTF challenges (Hack the Box, Root Me, TryHackMe) is a plus.

Job Description Do you want to lead teams that find and exploit security vulnerabilities in Fortune 100 companies, critical infrastructure, and public sector agencies impacting millions of users? Join Securins Offensive Security Team where you'll emulate real-world attacks and oversee advanced offensive operations. We are a cross-disciplinary group of red teamers, adversarial AI researchers, and software developers dedicated to finding and fixing vulnerabilities across critical digital ecosystems. Role & responsibilities - Lead and perform advanced offensive security assessments, including Red Team operations, threat-based evaluations, and vulnerability exploitation. - Supervise and mentor a team of offensive engineers, manage task prioritization, and ensure high-quality delivery. - Execute Red Team operations on production systems, including AI platforms, using real-world adversarial tactics. - Provide strategic and technical security guidance to internal and external stakeholders. - Collaborate cross-functionally to integrate findings into enterprise detection and defense strategies. - Research and develop adversary TTPs across the full attack lifecycle. - Build tools to automate and scale offensive emulation and vulnerability discovery, utilizing AI/ML systems. - Continuously evaluate and enhance assessment methodologies and frameworks used by the team. - Contribute to the security community through publications, presentations, bug bounties, and open-source projects. Required Qualifications - 5+ years of experience in offensive security, red teaming, or penetration testing with at least 1 year in a leadership role. - Bachelors or Masters degree in Computer Science, Computer Engineering, or relevant field; or equivalent experience. - Expert knowledge of offensive security tactics, threat modeling, APT emulation, and Red Team operations. - Strong understanding of MITRE ATT&CK framework and exploitation of common vulnerabilities. - Proficiency in one or more programming/scripting languages (Python, Go, PowerShell, C/C++, etc.). - Hands-on experience with penetration testing tools such as Metasploit, Burp Suite Pro, NMAP, Nessus, etc. - Familiarity with security in cloud environments (AWS, Azure, GCP) and across Windows/Linux/macOS platforms. - Ability to clearly articulate findings to technical and executive audiences and lead mitigation efforts. - Authorization to work in the country of employment at time of hire and ongoing during employment. Preferred Qualifications - Certifications like OSCP, OSCE, OSEP, CRTO, or equivalent. - Experience with Purple Team operations and threat intelligence integration. - Track record in CTF competitions or bug bounty programs. - Reverse engineering experience or malware analysis expertise. - Exposure to Responsible AI and adversarial machine learning. - Participation in AI Village at DEFCON or similar security research events. - Publications or contributions to conferences such as AISec, NeurIPS, FAccT, or IC4. Other Requirements Ability to meet Securin, customer, and/or government security screening requirements. This includes a background check at the time of hire/transfer and every two years thereafter. Who Should Apply You have experience executing technical research and offensive security strategies with teams. You are skilled in experimental security science and confident in building your own tools. You clearly communicate findings, are mission-driven, and want to drive change in AI and cybersecurity. Role-Specific Policy This hybrid role requires in-office presence at least 50% of the time. Locations: Chennai, Tamil Nadu (India)

Role & responsibilities Perform Dynamic Application Security Testing (DAST) on APIs and web applications using both manual and automated methods. Analyze DAST scan results, identify and prioritize vulnerabilities based on risk. Participate in triage sessions with application teams to explain and document vulnerabilities. Conduct deep API security testing (REST, SOAP, GraphQL) to uncover issues like BOLA, logic flaws, and abuse scenarios. Perform red teaming, adversary emulation, and use offensive security tools (if applicable). Craft custom exploit chains and adaptive payloads to validate vulnerabilities (e.g., deserialization, command injection, broken access control). Maintain and improve custom testing scripts, payload repositories, and test cases. Conduct Static Application Security Testing (SAST) as needed and understand differences from DAST. Use and maintain various security tools (e.g., Burp Suite, NetSparker, Checkmarx, Veracode, Fortify). Collaborate with developers, DevOps, and security teams to address identified vulnerabilities. Communicate security findings effectively to both technical and non-technical audiences. Maintain thorough documentation of security tests, findings, and remediation efforts. Contribute to improving security testing processes and strategies. Preferred candidate profile Experience: 57 years in Web Application Security Testing, including DAST, SAST, and API Security. Strong knowledge of API security principles and common vulnerabilities. Proficiency in Kali Linux penetration testing tools like SQLMAP, Dirbuster, etc. Working knowledge of HTML and JavaScript. Added advantage: Proficiency in front-end (e.g., .NET, Java) and back-end technologies (e.g., Oracle). Exposure to common web vulnerabilities such as SQL Injection, XSS, CSRF; experience in bug bounty programs is a plus. Experience in security testing of mobile apps and IoT applications is a bonus. Familiarity with security testing tools: DAST tools: Burp Suite, NetSparker SAST tools: Checkmarx, Veracode, Fortify Strong analytical and problem-solving skills. Excellent written and verbal communication skills. Security certifications (Offensive Security, SANS, CREST, etc.) focused on web application security are a strong plus

We are looking for an experienced Penetration Tester / Offensive Security Analyst for a 6-month full-time onsite role in Hyderabad. The ideal candidate will have 5-7 years of experience in offensive security, with a strong background in application and network penetration testing, red teaming, threat modeling, source code review, and vulnerability assessments. This role involves performing and leading advanced security assessments on web, mobile, APIs, cloud, and infrastructure environments. The candidate should be capable of working across general and UK shifts and possess excellent communication skills for both technical and non-technical audiences. Certification like OSCP/OSCE/CEH is desirable.