Offensive Security Researcher

Salary: Competitive; commensurate with skills and experience

Working Days: 5 Days

Key Responsibilities:

• Design, develop, and automate exploit templates and verifiers for diverse vulnerabilities (web, Active Directory, cloud) with safe reproducibility.
• Adapt public exploits, discover zero-day vulnerabilities, and codify attack strategies for varied environments.
• Extend and integrate offensive security toolchains (BloodHound, Cobalt Strike, Sliver, Nuclei, ZAP, etc.) into automated pipelines.
• Translate adversarial thinking into structured attack scenarios, pivot rules, and fallback strategies for autonomous testing frameworks.
• Conduct cutting-edge research on emerging attack vectors by monitoring CVE releases, APT reports, and trends from communities like BlackHat, Nullcon, Defcon, and other security forums.
• Contribute to internal research papers, PoCs, open-source tooling, and public security disclosures to enhance company recognition (Hall of Fame mentions, conference talks, CVEs).
• Collaborate with AI, data engineering, and security research teams to provide labeled adversarial data for training models and improving threat simulations.
  

Required Qualifications:

• Bachelors/Masters degree in Computer Science, Cybersecurity, or a related field.

• Advanced certifications (OSCP, CPENT, OSEP, OSEE, CRTO, etc.

  ) are highly desirable.
• Experience in vulnerability discovery, exploit development, and writing custom security tools.
• Strong programming skills in Python, Go, C/C++, Assembly; Rust experience is a plus
• Deep understanding of offensive tradecraft aligned with MITRE ATT&CK, Atomic Red Team, and threat intelligence sources.
• Proven track record of public research contributions (CVEs, conference talks, Hall of Fame mentions, or open-source exploit projects).
  

Desired Skills:

• Offensive Security Expertise

  : Red teaming, penetration testing, and adversarial simulation across complex infrastructures
• E

  xploit Development & Automation

  : Ability to chain, mutate, and verify exploits safely.

• Toolchain Integration

  : Hands-on experience with BloodHound, Cobalt Strike, Sliver, Nuclei, ZAP, and related frameworks.

• AI & Security Collaboration

  : Skilled at generating adversarial data to enable AI/ML research for security automation.

Success Metrics / Impact:

• Delivery of production-ready exploit templates and automated verification pipelines.
• Codification of pivot strategies and adversarial scenarios that improve autonomous attack fidelity.
• Contributions to toolchain R&D, internal/external PoCs, and public disclosures.
• Recognition in the cybersecurity community via publications, CVEs, and conference presentations.
  

Perks & Benefits:

• Work on zero-day research and cutting-edge offensive automation.
• Access to global security conferences (Payatu, Nullcon, etc.) and professional development programs.
• Collaborative, innovation-driven environment.