Are you a skilled penetration tester looking for an exciting new opportunity to take your career to the next level? Join our dynamic cybersecurity team, where youll have the chance to work on cutting-edge projects, including cloud security, reverse engineering, threat modelling, and product security . Who we are? Payatu is an ISO certified company where we strive to create a culture of excellence, growth and innovation that empowers our employees to reach new heights in their careers. We are young and passionate folks driven by the power of the latest and innovative technologies in IoT, AI/ML, Blockchain, and many other advanced technologies. We are on the mission of making Cyberworld safe for every organization, product, and individual. What we look for outside work parameters? Your expertise is your primary qualification, not your degree or certification. Strong leadership qualities, plan, monitor and manage activities for self and team. Passion to deliver the promised service. Motivated, self-starter individual with high level of integrity, intensity, and activity with a can-do attitude. Ability to understand Organization objectives and execute them accordingly. Disciplined process-oriented work style and ability to work independently You are a perfect technical fit if: Advanced knowledge of common penetration testing tools (Burp Suite, Metasploit, Wireshark, etc.).Proficient in reverse engineering tools (IDA Pro, Ghidra, Binary Ninja, etc.).Deep understanding of cloud-native security issues and technologies (containers, Kubernetes, serverless, etc.).Strong knowledge of application security principles, including OWASP Top 10, secure coding practices, and common vulnerabilities.Understanding of product security practices and secure software development life cycles. You Have All Our Desired Qualities, if: Minimum 5+ years of hands-on experience in penetration testing, security research, or related fields. Proven track record in performing complex security assessments on cloud environments (AWS, Azure, GCP), thick client applications, and enterprise systems. Experience with reverse engineering (static and dynamic analysis) of software and binaries. Expertise in threat modelling, risk assessment, and security design for software products. Extensive experience in vulnerability analysis and exploitation techniques across diverse platforms. Deep understanding of: Web application and API vulnerabilities (e.g., SQLi, XSS, IDOR) Mobile app security (reverse engineering, instrumentation) Network and infrastructure testing Cloud security misconfigurations and privilege escalation AI/LLM attack vectors (prompt injection, model extraction, data poisoning, etc.) Your everyday work will look like: Lead penetration tests on cloud infrastructures (AWS, Azure, GCP), thick client apps, and enterprise systems. Conduct security research and vulnerability assessments on cloud platforms. Collaborate with product teams and clients to create threat models, identifying risks, vulnerabilities, and attack vectors with clear, actionable insights. Reverse-engineer binaries, software, and applications to uncover vulnerabilities, develop exploits, and improve product security. Assess and advise on security throughout the product lifecycle, from design to deployment, ensuring robust security measures. Develop custom security tools and scripts to improve testing efficiency and address new vulnerabilities. Stay updated on emerging threats, attack techniques, and security trends, sharing insights with the team to maintain cutting-edge expertise. Certifications : Offensive Security Certified Professional (OSCP) or similar certifications such as CEH, CRTP, OSCE, or CISSP.Additional certifications or training in cloud security, reverse engineering, or product security are a plus. Soft Skills: Excellent communication skills to present findings and security concepts clearly to both technical and non-technical stakeholders.Strong problem-solving skills with the ability to think creatively and develop solutions to complex security challenges.Leadership capabilities to mentor and guide junior security consultants and researchers.Ability to work independently and manage multiple projects effectively under tight deadlines. Preferred Qualifications: Experience in developing custom security tools or exploits.Experience with threat hunting or advanced adversarial techniques.Familiarity with advanced attack frameworks like MITRE ATT&CK.

Are you a passionately curious individual who possesses a steady and unshakable eye for detail? Are you not afraid of searching for a needle in the stack of hay? Do you think you have the skillset, knowledge, to be the first line of defense between cyber adversaries and the organization? Do you believe in working for a mission to protect your organization 365*24*7? If you are in love with the tools and technology that help you to solve this daunting challenge, then we are looking for you. Who we are? Payatu is a GPTW certified company where we strive to create a culture of excellence, growth and innovation that empowers our employees to reach new heights in their careers. We are young and passionate folks driven by the power of the latest and innovative technologies in IoT, AI/ML, Blockchain, and many other advanced technologies. We are on the mission of making Cyberworld safe for every organization, product, and individual. What we look for outside work parameters? Your expertise is your primary qualification, not your degree or certification. Your publicly known contributions are your credentials . Your write-up and blogs reflect your interests and ethics. You are a perfect technical fit if: At least 2 to 5 years of experience handling SIEM tools ( Splunk ), Incident Response. Knowledge and Hands-on experience on Security appliances like (IPS, Proxy, XDR/EDR, Email Security Gateway, Cloud Access Security Broker). Experience in Security Orchestration and Automation. Should possess strong working knowledge of Power BI, Tableau, and Power Automate. Should have good knowledge of one or more programming/scripting languages like Python, Go, PowerShell, Bash. Have good experience in handling IT Security incidents, phishing analysis, triaging and analyzing malware, developing and fine-tuning use cases. Experience in host and network forensics. Experience in analyzing logs and should have hands-on experience in Windows and Linux. Should have experience in working on and monitoring cloud environment [ AWS & Azure] . Should have experience on Entra ID, Microsoft Defender, Sentinel, KQL. You Have All Our Desired Qualities, if: You like scripting and automating stuff. You like writing tools. You have excellent written and verbal communication skills and the ability to express your thoughts clearly. You have the skill to articulate and present technical things in business language. You can work independently as well as within a team. You have strong problem solving, troubleshooting, and analysis skills. You are passionate about your area of expertise and self-driven. You are comfortable working in a dynamic and fast-paced work environment. You are Self-driven, proactive, hardworking, team-player. You are working on something on your own in your field apart from official work. Your everyday work will look like: Automation & Orchestration: Automate mundane and repetitive tasks to improve existing workflows and improve response times. Engineering: Create custom solutions for various Incident Response activities as per business requirement. Incident Response activities: Identity, investigate and respond to potential security incidents to minimize the operational and organizational impact. Malware Analysis: Analyse and triage the malware found on the system. Forensics: Perform forensic analysis on system and network artifacts to identify indicators of compromise. Identify Gaps: Investigate and document gaps in controls, event data, and work with internal teams to resolve. Process Improvement: Execute, develop, and document Incident Handling Guides and processes. Show more Show less

Are you interested in automating the build and deployment process of the application with ensuring the application security? If yes, then Payatu is the place for you. We are always in search of passionate people to expand our renowned Bandit family at Payatu. In the quest for Bandits, here is an excellent opportunity we would like to share with you. Who we are? Payatu is an ISO certified company where we strive to create a culture of excellence, growth and innovation that empowers our employees to reach new heights in their careers. We are young and passionate folks driven by the power of the latest and innovative technologies in IoT, AI/ML, Blockchain, and many other advanced technologies. We are on the mission of making Cyberworld safe for every organization, product, and individual. What we look for outside work parameters? Your expertise is your primary qualification, not your degree or certification. Your publicly known contributions are your credentials. Papers you have written, tools you have developed are your references. Your write-up reflects your interests and ethics. Your published exploits, your CTF scores, and hall of fame listings are the testimonies of your work. Your research paper was published and presented at conferences. You are learning from the community and enthusiastically contributing back. You are a perfect technical fit if: Strong fundamental of application and network protocols. Stronghold on Web application security concept and penetration testing skill. Good command of at least one programming language. Good understanding of OWASP Top 10 and other web-related vulnerabilities as well as logic flaws. Hands-on experience in performing penetration testing of web-based applications preferably in the financial domain. Good to have experience in working alongside the development/QA teams. Good report writing and presentation skills. Should be able to suggest optimum security improvements to application components. You Have All Our Desired Qualities, if: Experience in web application and web service security assessment. You have a history of publishing or presenting good research. You have the knack of finding security bugs in everything you touch. You like automating stuff. You like writing tools. You have excellent written and verbal communication skills and the ability to express your thoughts clearly. You have the skill to articulate and present technical things in business language. You can work independently as well as within a team and meet project schedules and deadlines. You have strong problem solving, troubleshooting, and analysis skills. You are passionate about your area of expertise and self-driven. You are comfortable working in a dynamic and fast-paced work environment. You are Self-driven, proactive, hardworking, team-player. You are working on something on your own in your field apart from official work. Your everyday work will look like: Security assessment of web application and web service on various platforms. Back your findings with Proof-of-concept exploits. Collect evidence and maintain a detailed write-up of the findings. Understand and explain the results with impact on business and compliance status. Explain and demonstrate vulnerabilities to application/system owners. Provide appropriate remediation and mitigations of the identified vulnerabilities. Individually or collaboratively review the system designs, source code, configurations, communications for security gaps. Deliver results within stipulated timelines. Sharpen your saw with continuous research, learning, training on the latest tools and techniques, keeping up with new research, and sharing the same with the ecosystem. Communicate well using verbal and written skills, within and out of the team.