Job description Offensive Security Engineer (Ransomware Penetration Testing) Job Description: Offensive Security Engineer (Ransomware Penetration Testing) Responsibilities Execute complex Red Team engagement as a penetration tester, simulating real-world ransomware / malware attacker scenarios to uncover critical vulnerabilities Identify, research, and exploit various vulnerabilities (including zero-days) to gain unauthorized access to systems and data. Develop custom tools, scripts, and exploit code. Document findings in a clear, concise, and actionable manner, including detailed reports with working proofs of concept and recommendations for remediation and product improvements Collaborate with the Blue Team (engineering and QA) to prioritize vulnerabilities, develop mitigation strategies, and improve overall security posture through tangible requirements Participate in knowledge sharing by mentoring junior team members and presenting findings, including opportunities to document reports for external consumption Qualifications Minimum 5+ years of experience in offensive security engagements. Proven experience in participating in Red Team engagements. Expertise in various operating systems (Mac, Linux, etc.) and scripting languages (Python, Ruby, etc.). Coding skills to automate tasks, customize attacks, and create payloads Solid understanding of networking concepts, such as TCP/IP, DNS, HTTP, FTP, SMTP, and VPN. Hands-on knowledge on how to use network analysis tools, such as Nmap, Wireshark, and Metasploit, to scan, sniff, and exploit network services and protocols. Ability to discover and map network devices, identify open ports and services, and bypass firewalls and other security measures. System knowledge . Good understanding of OS concepts Experience with exploit development and post-exploitation techniques. Strong understanding of the threat landscape and attacker motivations. Well-versed in security principles, such as encryption, authentication, authorization, and access control. Good knowledge of malwares , ransomwares , APTs , Trojans and how they work. Ability to think outside the box, and come up with innovative and unconventional ways to break into a system or network. Excellent communication, collaboration, and problem-solving skills. Ability to work independently. The ideal candidate should have minimum 5-8 years of experience in Ransomware Penetration Testing. Should be strong in Python.
