7 Offensive Security Jobs

Location: Mumbai (Candidates should be born and brought up in Mumbai) Experience: 5-7 years Notice Period: Immediate to 30 days ________________________________________ We are seeking a Pen tester (Penetration Testing) to join our cybersecurity team. The ideal candidate will have proven experience in penetration testing, vulnerability assessment, and offensive security operations. Key Responsibilities: Conduct penetration testing on web applications, ERP, SAP systems, and infrastructure assets. Draft business risk-oriented reports and assist teams in mitigating identified vulnerabilities. Contribute to the creation and implementation of security tools to secure the Saint-Gobain environment. Participate in Red Team and Purple Team exercises. Define and implement quality and performance metrics for the cybersecurity roadmap. Qualifications: Educational Background: Bachelors degree in Computer Science or Information Security; relevant certifications (e.g., OSCP, CRTP, CompTIA Security+) are a plus. Technical Expertise: Hands-on experience in web application and API penetration testing tools. Knowledge Areas: o Strong understanding of OWASP Top 10 or SANS Top 25. o Familiarity with malware, TCP/UDP packets, IDS/IPS, web proxies, SIEM, DNS security, and firewalls. o Basic knowledge of ERP and SAP systems. o Mobile and thick client application penetration testing. Skills: Scripting experience (e.g., Python, Bash, Powershell, C#) for automation. Participation in CTF challenges (Hack the Box, Root Me, TryHackMe) is a plus.

Job Description Do you want to lead teams that find and exploit security vulnerabilities in Fortune 100 companies, critical infrastructure, and public sector agencies impacting millions of users? Join Securins Offensive Security Team where you'll emulate real-world attacks and oversee advanced offensive operations. We are a cross-disciplinary group of red teamers, adversarial AI researchers, and software developers dedicated to finding and fixing vulnerabilities across critical digital ecosystems. Role & responsibilities - Lead and perform advanced offensive security assessments, including Red Team operations, threat-based evaluations, and vulnerability exploitation. - Supervise and mentor a team of offensive engineers, manage task prioritization, and ensure high-quality delivery. - Execute Red Team operations on production systems, including AI platforms, using real-world adversarial tactics. - Provide strategic and technical security guidance to internal and external stakeholders. - Collaborate cross-functionally to integrate findings into enterprise detection and defense strategies. - Research and develop adversary TTPs across the full attack lifecycle. - Build tools to automate and scale offensive emulation and vulnerability discovery, utilizing AI/ML systems. - Continuously evaluate and enhance assessment methodologies and frameworks used by the team. - Contribute to the security community through publications, presentations, bug bounties, and open-source projects. Required Qualifications - 5+ years of experience in offensive security, red teaming, or penetration testing with at least 1 year in a leadership role. - Bachelors or Masters degree in Computer Science, Computer Engineering, or relevant field; or equivalent experience. - Expert knowledge of offensive security tactics, threat modeling, APT emulation, and Red Team operations. - Strong understanding of MITRE ATT&CK framework and exploitation of common vulnerabilities. - Proficiency in one or more programming/scripting languages (Python, Go, PowerShell, C/C++, etc.). - Hands-on experience with penetration testing tools such as Metasploit, Burp Suite Pro, NMAP, Nessus, etc. - Familiarity with security in cloud environments (AWS, Azure, GCP) and across Windows/Linux/macOS platforms. - Ability to clearly articulate findings to technical and executive audiences and lead mitigation efforts. - Authorization to work in the country of employment at time of hire and ongoing during employment. Preferred Qualifications - Certifications like OSCP, OSCE, OSEP, CRTO, or equivalent. - Experience with Purple Team operations and threat intelligence integration. - Track record in CTF competitions or bug bounty programs. - Reverse engineering experience or malware analysis expertise. - Exposure to Responsible AI and adversarial machine learning. - Participation in AI Village at DEFCON or similar security research events. - Publications or contributions to conferences such as AISec, NeurIPS, FAccT, or IC4. Other Requirements Ability to meet Securin, customer, and/or government security screening requirements. This includes a background check at the time of hire/transfer and every two years thereafter. Who Should Apply You have experience executing technical research and offensive security strategies with teams. You are skilled in experimental security science and confident in building your own tools. You clearly communicate findings, are mission-driven, and want to drive change in AI and cybersecurity. Role-Specific Policy This hybrid role requires in-office presence at least 50% of the time. Locations: Chennai, Tamil Nadu (India)

Job Description Role : Offensive Security Location: Mumbai/Hyderabad/Chennai Qualification & Experience M.Tech/B.E. /B.Tech/MCA/BCA/BSC More than 4 years of experience in conducting Red Team and offensive security. Certifications in different Security products, ITIL, CEH, OSCP, OSCE, OSWE, SANS/GIAC etc. would be an added advantage. Job Responsibilities: 3-4 years of experience in Pentest, Red Team, offensive security engagements. Deep understanding of network, web and API security vulnerabilities and mitigation. Good understanding on Active directories and ways of exploitation. In-Depth knowledge of Linux operating system. Ability to model threats and risks for large and complex systems. Good knowledge of IPS/IDS, Firewalls, WAF, Switch and Router. Advance knowledge on Authentication, security protocols, Cryptography etc. Ability to think critically and identify areas of technical and non-technical risk. Ability to write technical reports and communicate technical content to non-technical audiences. Relevant security certification i.e. OSCP, OSCE, OSWE, SANS/GIAC, Published CVEs is an added advantage. Good understanding and experience in offensive security tools and techniques i.e. Metasploit, Burpsuite, Armitage, MITRE ATT&CK Framework. Knowledge in one of the scripting language. Has basic knowledge to write exploits for known vulnerabilities. Interested candidates can share their resume & details at - ankita.parihar_pri@npci.org.in

Location: Mumbai (Candidates should be born and brought up in Mumbai) Experience: 5-7 years Notice Period: Immediate to 30 days ________________________________________ We are seeking a Pen tester (Penetration Testing) to join our cybersecurity team. The ideal candidate will have proven experience in penetration testing, vulnerability assessment, and offensive security operations. Key Responsibilities: Conduct penetration testing on web applications, ERP, SAP systems, and infrastructure assets. Draft business risk-oriented reports and assist teams in mitigating identified vulnerabilities. Contribute to the creation and implementation of security tools to secure the Saint-Gobain environment. Participate in Red Team and Purple Team exercises. Define and implement quality and performance metrics for the cybersecurity roadmap. Qualifications: Educational Background: Bachelors degree in Computer Science or Information Security; relevant certifications (e.g., OSCP, CRTP, CompTIA Security+) are a plus. Technical Expertise: Hands-on experience in web application and API penetration testing tools. Knowledge Areas: o Strong understanding of OWASP Top 10 or SANS Top 25. o Familiarity with malware, TCP/UDP packets, IDS/IPS, web proxies, SIEM, DNS security, and firewalls. o Basic knowledge of ERP and SAP systems. o Mobile and thick client application penetration testing. Skills: Scripting experience (e.g., Python, Bash, Powershell, C#) for automation. Participation in CTF challenges (Hack the Box, Root Me, TryHackMe) is a plus.

Experience in Information Security, offensive security, penetration testing, security concepts, methodologies, and tools CEH, Kali Linux, Shell Scripting and Reverse Engineering, firewalls, proxies, SIEM and IDPS concepts

Role & responsibilities Accountable for the delivery of the Bug Bounty to meet the requirements cybersecurity controls, auditors, and global regulators. Responsible for ensuring the crowd is leveraged with well scoped with clearly defined objectives, and delivered on time through an approach that scales and minimises operational risk. Responsible for identifying thematic findings in line with threat actor techniques and procedures, and the shifting technology landscape within and driving the crowd to target these areas. Accountable for the delivery of the change and continuous uplift across crowd-sourced testing. Global Control Operator for Crowd-sourced Security Testing under VIAO.3 (Offensive Security) control and protecting the banks technology, information, and customers. Leadership of a small team to manage operation of the Bug Bounty. To be successful in this role, you should meet the following requirements: Proven experience in identifying and communicating security vulnerabilities across Web, APIs, Infrastructure, and Mobile (e.g., penetration testing). Experience in identifying vulnerabilities by leveraging the crowd (e.g., Bug Bounty) Experience working in highly sensitive projects and a highly regulated environment. Excellent communication and interpersonal skills with the ability to produce clear and concise reports for targeted audiences across internal and external stakeholders. Excellent understanding of cybersecurity principles, global financial services business models, regional regulations and applicable laws. Formal education and advanced degree in Information Security, Cybersecurity, Computer Science or similar and/or commensurate demonstrated work experience in the same.

Job Description Role : Offensive Security Location: Mumbai/Hyderabad/Chennai Qualification & Experience M.Tech/B.E. /B.Tech/MCA/BCA/BSC More than 4 years of experience in conducting Red Team and offensive security. Certifications in different Security products, ITIL, CEH, OSCP, OSCE, OSWE, SANS/GIAC etc. would be an added advantage. Job Responsibilities: 3-4 years of experience in Pentest, Red Team, offensive security engagements. Deep understanding of network, web and API security vulnerabilities and mitigation. Good understanding on Active directories and ways of exploitation. In-Depth knowledge of Linux operating system. Ability to model threats and risks for large and complex systems. Good knowledge of IPS/IDS, Firewalls, WAF, Switch and Router. Advance knowledge on Authentication, security protocols, Cryptography etc. Ability to think critically and identify areas of technical and non-technical risk. Ability to write technical reports and communicate technical content to non-technical audiences. Relevant security certification i.e. OSCP, OSCE, OSWE, SANS/GIAC, Published CVEs is an added advantage. Good understanding and experience in offensive security tools and techniques i.e. Metasploit, Burpsuite, Armitage, MITRE ATT&CK Framework. Knowledge in one of the scripting language. Has basic knowledge to write exploits for known vulnerabilities.