11 Red Teaming Jobs

As part of our offensive security team, youll work with cutting-edge tools, innovative techniques, and an experienced team to challenge the status quo and strengthen the digital landscape. Key Responsibilities - Execute full-scope Red Team engagements, including phishing, social engineering, and network penetration. Simulate advanced hacking techniques and replicate adversary tactics to uncover security weaknesses. Work closely with Blue Teams in Purple Team exercises to enhance detection and response capabilities. Develop, extend, or modify exploits, shellcode, or tools to simulate sophisticated attacks. Perform reverse engineering of malware (advantageous but not mandatory). Write clear and actionable reports outlining vulnerabilities, exploitation techniques, and remediation strategies. Stay updated on the latest cyber threats, attack methods, and emerging technologies. Required Skills & Experience - Deep understanding and extensive experience in penetration testing methodologies and tools. Strong technical knowledge of various technologies and the ability to quickly learn and adapt to new ones. A passion for learning new technologies and breaking them apart is essential. Expertise in Active Directory attacks and defenses. Proficiency with tools such as Metasploit, Cobalt Strike, BloodHound, and similar offensive security frameworks. Knowledge of hacking methods and frameworks like MITRE ATT&CK. Strong scripting skills (Python, PowerShell, Bash) and experience in manual exploitation techniques. Certifications such as OSCP, OSEP, CRTO, or equivalent are highly valued. What We Offer Competitive salary and benefits package. Exciting projects that challenge your skills and creativity. A collaborative environment where you’ll learn and grow alongside top talent. Access to cutting-edge tools and resources to stay ahead in the cybersecurity field. Opportunities to shape the future of offensive security and contribute to meaningful projects. Location Onsite/Workfrom Office. In special case Remote Why Join SecureLayer7? At SecureLayer7, you’re not just an employee—you’re part of a team that thrives on solving tough challenges, exploring the unknown, and making an impact. If you’re excited about breaking systems to make them stronger and securing the future of technology, we’d love to have you onboard.

Following are the details: ANZEN Technologies Private Limited stands as an unparalleled powerhouse, empowering organizations across industries with our visionary services, cutting-edge solutions, and ground-breaking services in the realm of Cyber Security, IT Governance, Risk Management, and Compliance. As your trusted partner, we offer a comprehensive suite of End-to-End security services and consultancy, tailored to safeguard critical infrastructure installations, elevate the standards of BFSI, eCommerce, IT/ITES, Pharmaceuticals, and an array of other sectors. Job Summary: We are seeking a skilled and passionate Red Team Security Consultant to join our cybersecurity team. The ideal candidate will specialize in simulating adversarial tactics, techniques, and procedures (TTPs) to identify vulnerabilities and improve the organization's security posture. This role involves performing advanced penetration tests, simulating real-world attacks, and working with teams to implement effective remediation strategies. Key Responsibilities: Plan, execute, and document Red Team exercises mimicking advanced threat actors for medium to large enterprises. Conduct network penetration testing (VAPT), system vulnerability assessments, and security configuration reviews. Perform manual security assessments for web applications, APIs, and client-server applications. Simulate sophisticated attack chains including lateral movement, privilege escalation, and data exfiltration. Develop and execute custom attack payloads using tools and scripts. Assess physical security controls and implement social engineering assessments when required. Create and maintain custom tools/scripts in languages like Python, Bash, or PowerShell. Utilize and adapt adversary emulation frameworks such as MITRE ATT&CK, Cobalt Strike, and Metasploit. Collaborate with Blue Teams to improve detection and response mechanisms through Purple Team engagements. Execute full-scope Red Team engagements, including phishing, social engineering, and network penetration. Simulate advanced hacking techniques and replicate adversary tactics to uncover security weaknesses. Develop, extend, or modify exploits, shellcode, or tools to simulate sophisticated attacks. Perform reverse engineering of malware (advantageous but not mandatory). Write clear and actionable reports outlining vulnerabilities, exploitation techniques, and remediation strategies. Stay updated on the latest cyber threats, attack methods, and emerging technologies. Qualification: BE/B. Tech/ MCA/ M. Sc. (IT/Computers) Skills : Excellent communication and collaboration skills. Red Teaming, VAPT, Application Security (Web/Mobile/API), Red Teaming and Application Security domains. Proficient in Application Security concepts, including OWASP Top 10 and OSSTMM. Experience with vulnerability scanning tools such as Burp Suite Pro, Nessus, OWASP ZAP, Kali Linux, Cobalt Strike, Caldera etc. Basic ability to write automation scripts (Bash or Python). Understanding of threat modelling and secure coding practices. Strong understanding of TTPs, threat modelling, and secure coding practices. Hands-on experience in Active Directory exploitation, phishing campaigns, and endpoint bypass techniques. Preferred Certificates : OSCP, CRTP, eWPTX, Security+, CREST, CRTO Job Location : Mumbai/Navi Mumbai Job Mode : Work from Office Need an immediate Joiner who may join by 15th June, 2025

Department: Information Technology Location: Ahmedabad, Gujarat Experience: 10+ Years Education: Bachelors/Masters degree in Computer Science, Cybersecurity, or a related field Certifications Preferred: OSCP, OSCE, OSEP, CRTP, CRTE, GPEN, GXPN, or equivalent Job Summary: We are seeking a highly experienced and skilled Red Team Specialist to join our cybersecurity team. The ideal candidate will lead advanced adversary simulations and penetration testing efforts to evaluate and strengthen the organization’s security posture. This role involves simulating real-world attack scenarios, identifying vulnerabilities, collaborating with Blue Teams, and recommending remediation strategies to enhance threat detection and response capabilities. Key Responsibilities: Adversary Simulation & Attack Execution Conduct full-scale Red Team assessments, emulating advanced persistent threat (APT) tactics, techniques, and procedures (TTPs). Simulate real-world attacks using frameworks and tools like MITRE ATT&CK, Cobalt Strike, Empire, Metasploit, and BloodHound. Exploit vulnerabilities across network infrastructure, cloud platforms, and web applications. Perform lateral movement, privilege escalation, and data exfiltration while evading detection mechanisms. Penetration Testing & Exploitation Perform internal and external penetration testing across enterprise systems. Identify and exploit misconfigurations and security gaps. Assess Active Directory security, including Kerberoasting, NTLM relay, and credential dumping. Develop custom payloads, exploits, and offensive methodologies. Evasion & Anti-Detection Techniques Employ techniques to bypass endpoint detection systems (EDR/XDR), SIEM tools, and behavioral analytics. Test the resilience of Blue Team monitoring capabilities. Implement obfuscation strategies and evasion tactics. Red Team & Blue Team Collaboration Participate in Purple Team exercises to enhance incident detection and response. Collaborate with SOC and threat intelligence teams to refine adversary emulation and response strategies. Contribute to improving incident response playbooks. Reporting & Documentation Document attack chains, vulnerabilities, and testing outcomes in detailed reports. Present technical findings and remediation recommendations to stakeholders. Create post-engagement reports, including MITRE ATT&CK mapping and kill chain analysis. Key Skills & Competencies: Proficient with offensive security tools: Cobalt Strike, Metasploit, Mimikatz, Empire, Covenant Deep understanding of frameworks: MITRE ATT&CK, Cyber Kill Chain, TIBER-EU Advanced expertise in Active Directory attacks , Kerberos exploitation , and lateral movement Strong scripting and automation skills: Python, PowerShell, Bash, C# Hands-on experience with cloud environments (Azure, AWS, GCP) and cloud exploitation Skilled in EDR/XDR evasion and SIEM bypass techniques Proven experience with Red Team / Blue Team collaboration and adversary emulation Analytical mindset with excellent problem-solving and documentation skills

Job Statement: NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in our Nopal360 platform, our NopalGo mobile app, and our proprietary Cyber Intelligence Quotient (CIQ) lets anyone quantify, track, and visualize their cybersecurity posture in real-time. Our service packages, which are each tailored to a clients needs and budget, and external threat analysis, which provides critical intelligence at no-cost, help to democratize cybersecurity by making enterprise-grade defenses and security operations available to organizations of all sizes. NopalCyber lowers the barrier to entry while raising the bar for security and service. We are looking for a proven, high energy, results oriented GRC professional, where you will be a key advisor for our clients, analyzing business requirements to design and implement ideal security solutions for their needs. As an established GRC Professional, you will span operational, tactical, and strategic levels as well as tasks that tackle difficult problems that businesses are facing when building out and improving their security and compliance posture For attending the walk-in, please fill the form https://forms.gle/wLS8HtPyFZQKA4jf8 (Copy and paste in a browser) 1. SOC L3 Experience: 6+ years Skills: SIEM, IDS/IPS, EDR tools, log/packet analysis, TCP/IP, Linux/Windows, threat intelligence Tools: Splunk, QRadar, Crowdstrike, NetWitness Certifications (preferred): CISSP, CEH, CISM, GCIH 2. Offensive Security Specialist / Penetration Tester-L3 Experience: 6+ Skills: Web/API/Mobile Pentesting, Threat Modeling, Code Review, DAST, Cloud & Microservices security Tools: Burp Suite, Metasploit, Cobalt Strike, Nmap Languages: Python, Go, Java, JavaScript, C++ Certifications (preferred): OSCP, OSCE, OSWE, GPEN, CEH 3. GRC Security Consultant-L3 Experience: 8+ years Skills: Risk assessments, audits, ISO/NIST/PCI/GDPR frameworks, GRC tools, TPRM, vendor/client management Certifications: ISO 27001 LA/LI, CISSP, CISA, CIPP, CCSP, CCSK Note: Immediate to 30 days' notice preferred.

Web and Network PT Consultant Roles & responsibilities Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications Plan and execute network penetration testing and Red teaming assessments to simulate real-world attack scenarios. Perform manual network and application penetration tests on internal network, Active Directory environment, web applications. Perform social engineering assessment to assess the security awareness and physical security controls of the organization. Ability to independently research for new vulnerabilities in systems and software and modify and customize tools, known exploits, POCs and scripts to meet operational requirement. Research and stay up-to-date with the latest attack techniques, tools, and emerging threats. Present technical reports to clients, explaining the outcomes of the testing and providing detailed insights and recommendations. Collaborate effectively with cross-functional teams, including developers, IT operations, and business stakeholders to integrate security best practices seamlessly into project workflows. Provide mentorship and guidance to junior security staff and foster a culture of proactive security awareness within the organization. This role is for you if you have the below We are seeking an experienced and highly skilled Consultant with over 5+ years of working experience in the field of cybersecurity, including network penetration testing, vulnerability assessment, Active directory testing, phishing assessment and web application penetration testing. The ideal candidate will possess a strong working knowledge of Network protocols, performing OSINT to identify publicly available information and testing and exploiting Microsoft services like Windows Servers, Active directory, Certificate Services. Mandatory technical & functional skills Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs,internal and external networks, and mobile applications 5+ years of professional experience in cybersecurity, with a focus on Network penetration testing and Red teaming. Strong understanding of Network protocols, web applications, cryptography various operating systems and security technologies. Strong understanding of exploitation of Microsoft platform used in enterprise environment such as windows Servers, Active Directory Certificate Service, Azure, etc. • Experience in one or more of the following a plus: Web application penetration testing, mobile application penetration testing application architecture and business logic analysis. Relevant certifications, such as GWAPT, OSCP, OSEP, CRTP, CRTO OSWA, are strongly preferred.

Job location - Only Bangalore Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications 5+ years of professional experience in cybersecurity, with a focus on Network penetration testing and Red teaming. Strong understanding of Network protocols, web applications, cryptography, various operating systems and security technologies. Strong understanding of exploitation of Microsoft platform used in enterprise environment such as windows Servers, Active Directory Certificate Service, Azure, etc. Experience in one or more of the following a plus: Web application penetration testing, mobile application penetration testing application architecture and business logic analysis. Relevant certifications, such as GWAPT, OSCP, OSEP, CRTP, CRTO, OSWA, are strongly preferred.

Job Description Do you want to lead teams that find and exploit security vulnerabilities in Fortune 100 companies, critical infrastructure, and public sector agencies impacting millions of users? Join Securins Offensive Security Team where you'll emulate real-world attacks and oversee advanced offensive operations. We are a cross-disciplinary group of red teamers, adversarial AI researchers, and software developers dedicated to finding and fixing vulnerabilities across critical digital ecosystems. Role & responsibilities - Lead and perform advanced offensive security assessments, including Red Team operations, threat-based evaluations, and vulnerability exploitation. - Supervise and mentor a team of offensive engineers, manage task prioritization, and ensure high-quality delivery. - Execute Red Team operations on production systems, including AI platforms, using real-world adversarial tactics. - Provide strategic and technical security guidance to internal and external stakeholders. - Collaborate cross-functionally to integrate findings into enterprise detection and defense strategies. - Research and develop adversary TTPs across the full attack lifecycle. - Build tools to automate and scale offensive emulation and vulnerability discovery, utilizing AI/ML systems. - Continuously evaluate and enhance assessment methodologies and frameworks used by the team. - Contribute to the security community through publications, presentations, bug bounties, and open-source projects. Required Qualifications - 5+ years of experience in offensive security, red teaming, or penetration testing with at least 1 year in a leadership role. - Bachelors or Masters degree in Computer Science, Computer Engineering, or relevant field; or equivalent experience. - Expert knowledge of offensive security tactics, threat modeling, APT emulation, and Red Team operations. - Strong understanding of MITRE ATT&CK framework and exploitation of common vulnerabilities. - Proficiency in one or more programming/scripting languages (Python, Go, PowerShell, C/C++, etc.). - Hands-on experience with penetration testing tools such as Metasploit, Burp Suite Pro, NMAP, Nessus, etc. - Familiarity with security in cloud environments (AWS, Azure, GCP) and across Windows/Linux/macOS platforms. - Ability to clearly articulate findings to technical and executive audiences and lead mitigation efforts. - Authorization to work in the country of employment at time of hire and ongoing during employment. Preferred Qualifications - Certifications like OSCP, OSCE, OSEP, CRTO, or equivalent. - Experience with Purple Team operations and threat intelligence integration. - Track record in CTF competitions or bug bounty programs. - Reverse engineering experience or malware analysis expertise. - Exposure to Responsible AI and adversarial machine learning. - Participation in AI Village at DEFCON or similar security research events. - Publications or contributions to conferences such as AISec, NeurIPS, FAccT, or IC4. Other Requirements Ability to meet Securin, customer, and/or government security screening requirements. This includes a background check at the time of hire/transfer and every two years thereafter. Who Should Apply You have experience executing technical research and offensive security strategies with teams. You are skilled in experimental security science and confident in building your own tools. You clearly communicate findings, are mission-driven, and want to drive change in AI and cybersecurity. Role-Specific Policy This hybrid role requires in-office presence at least 50% of the time. Locations: Chennai, Tamil Nadu (India)

Hiring for Sr. Penetration Tester(OSCP/CRTP/CRTO/PNPT Certified--Mandatory) @ UV Cyber Solutions -- (Cyber Towers, Hyderabad Work from Office) It is important to note that this position does not accept applications without OSCP or CRTP or CRTO or PNPT Experience: 3 yrs to 10 Yrs Email : vijaya.thirukolluri@uvcyber.com Mode of Work: Work from Office Interview mode: Face to Face (First round will schedule Virtual round post that need to come F2F interview in Hyderabad, Without F2F interview don't consider them) Notice Period: Looking for who can join in 0 to 15 days Address: UV Cyber solutions, 3rd floor, Quadrant 3, Cyber towers, Hitech City Rd, HITEC City, Hyderabad, Telangana 500081 Certifications : Either of one is Mandatory PNPT CPTS eCPPT OSCP CRTO CRTP Job Description: We are seeking a motivated and detail-oriented individual to join our cybersecurity team as a Red Team Member. In this role, you will assist in conducting security assessments, penetration testing, and vulnerability analyses to identify and mitigate potential security threats. You will work under the guidance of experienced team members, gaining hands-on experience in ethical hacking. Key Skills Penetration Testing: Proficiency in advanced penetration testing methodologies and tools, capable of identifying and exploiting complex vulnerabilities. Red Team Operations: Experience in conducting full-scope Red Team engagements including elements of evasion, obfuscation, social engineering, and other stealth techniques. Up to simulating advanced persistent threats (APTs). Purple Team Operations: Ability to collaborate with Blue Team members to improve detection and response capabilities. Scripting and Programming: Strong proficiency in multiple scripting and programming languages. Networking: Deep understanding of network protocols, firewalls, and advanced network security principles. Operating Systems: Extensive knowledge of Windows, Linux, and macOS operating systems. Technical Writing: Ability to produce high-quality technical documentation and reports for technical and executive audiences. Key Responsibilities: Lead and execute simulated cyber-attacks to evaluate the effectiveness of security controls. Engage in Red Teaming, Purple Team exercises, and some advanced penetration testing, including diverse types (e.g., network, AD, web app, API, cloud, IoT, WIFI, hardware, physical, social engineering, reverse engineering). Develop and refine testing methodologies and tools in collaboration with the Red and Blue teams. Document findings, prepare detailed reports, and present results to stakeholders. Stay current with the latest security trends, threats, and technology developments. Participate in team meetings, training sessions, and continuous learning opportunities. Qualifications: Bachelors or Masters degree in Computer Science, IT, Cybersecurity, AI, or a related technical field (preferred but not required). Relevant certifications (one or more): OSCP, OSCE, PNPT, BSCP, etc., or practical hands-on certifications. Alternatively, be ranked at least as Pro Hacker on HackTheBox.

Kindly share your resume at Shubhanshu.mishra@dotsquares.com Responsibilities: Actively participate in security testing of web and mobile applications. Conduct thorough penetration tests on applications, systems, and networks to identify vulnerabilities. Support the internal and/or customer development team in the preparation, formalization, implementation and verification of security requirements following a Security by Design” principle. Develop and execute hands-on DevSecOps programs, including penetration testing, automation, static/dynamic code analysis, threat modeling, and developer training. Ability to think like an attacker. Conduct secure design reviews and contribute to threat modeling exercises. Preparing reports at both technical and executive level, providing recommendations to an heterogeneous public. Plan, lead and execute projects, including team management. Stay up-to-date with the latest security trends, vulnerabilities, and industry best practices. Engage in continuous learning and research to improve your skills and contribute to the team's knowledge base. Requirements: Minimum 4+ years of consulting experience in Red Teaming/Pentesting and possesses industry recognised certifications (e.g. CISSP, OSCP, CRT, CREST, CRTP) Experienced and well versed in security testing domains. For example, red teaming, web/network/mobile/cloud/thick client vulnerability assessments and penetration testing. Proven experience in implementing proactive security solutions and integrating security into the software development lifecycle (SDLC). Ability to explain vulnerabilities and weaknesses in OWASP Top 10 and SANS Top 25 to any audience and discuss effective defensive techniques Familiarity with programming languages (e.g., Python, Bash, C#, or JavaScript). Hands-on experience securing cloud infrastructure and familiarity with containerization technologies (Kubernetes, Docker).

Security Tech Assessor (Red Team) - Manager - BLR/Pune/GGN - J48775 Roles & responsibilities The Security Technical Assessment Analyst will: Work collaboratively with internal stakeholders and external 3rd parties to Perform security technical configuration reviews, Perform security technical assessments, Support the delivery of security testing across the software development lifecycle on technology solutions & services, Proactively manage the end-to-end penetration testing process for technology solutions, Provide risk-based pragmatic technical security advice and recommendations. Maintain good relationships with internal stakeholders and ensure customer satisfaction, by delivering quality service and escalation of issues as necessary; Lead on internal red team exercises to Coordinate Red Team Operations: Oversee the planning, execution, and reporting of red team exercises to identify vulnerabilities and improve the organizations security posture. Ensure alignment with industry standards and best practices. Develop and Implement Strategies: Create and maintain comprehensive red team strategies, including threat modelling, attack simulations, and penetration testing. Collaborate with other security teams to integrate findings into the overall security framework. Foster a culture of continuous improvement and innovation within the team to stay ahead of emerging threats. Maintain good relationships with internal stakeholders and ensure customer satisfaction, by delivering quality service and escalation of issues as necessary. Influence colleagues to drive technical remediation in a collaborative manner in line with KPMG risk appetite. Identify and drive security technical assessments service improvements, especially using automation. Mandatory technical & functional skills Very good and relevant experience in a similar security technical assessment analysis and red team testing role. Understanding of tooling associated with security technical assessments such as AWS Config, Azure Policy, Static Application Security Testing and Dynamic Application Security Testing. Experience and knowledge in security technical assessments of applications and infrastructure within the Cloud, such as AWS and Azure. Experience working with external penetration testing vendors. Experience of successfully working in a fast paced, customer service environment, delivering high quality information security services. It would be advantageous if you can demonstrate some, or all: Experience and knowledge of container or serverless platforms. PowerShell scripting Any security or vulnerability management product certification. Required Candidate profile Candidate Experience Should Be : 10 To 14 Candidate Degree Should Be : BE-Comp/IT,BE-Other,BTech-Comp/IT,BTech-Other,MBA,MCA

Job description Job Title: Security Consultant (Mobile & Web Application Security, Red Teaming, Phishing) Location: Navi Mumbai Experience Level:1-2 Years Job Overview: We are looking for a highly motivated Junior Security Analyst with 1-2 years of hands-on experience in Red Teaming, Mobile Application Security Testing, Web Application Security Testing, and Phishing. The selected candidate will work within our cybersecurity team to identify and help mitigate security vulnerabilities across different platforms and applications. Additionally, the role includes participation in Red Team engagements and Phishing Campaigns. Key Responsibilities: Red Teaming: Assist in conducting Red Team operations to simulate advanced persistent threats (APT) and adversary tactics, techniques, and procedures (TTPs).Collaborate with senior team members to develop realistic attack scenarios and generate actionable reports. Mobile Application Security Testing: Perform security assessments of Android and iOS applications, identifying vulnerabilities and weaknesses.Conduct manual and automated testing using industry-standard tools such as Burp Suite, MobSF, Frida, etc.Document vulnerabilities and offer remediation strategies to development teams. Web Application Security Testing: Conduct web application security testing, identifying common vulnerabilities such as SQL Injection, Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF).Use tools such as OWASP ZAP, Burp Suite, and others to perform penetration testing.Prepare detailed assessment reports with actionable remediation recommendations. Phishing Campaigns: Assist in planning and executing phishing campaigns to simulate phishing attacks. Develop phishing templates and analyze user responses to gauge organizational security awareness. Provide reports and conduct training sessions to improve the organizations resilience to phishing attacks. Requirements: 1-2 years of relevant experience in Red Teaming, Mobile Application Security Testing, Web Application Security Testing, and Phishing. Familiarity with security standards and frameworks such as OWASP Top 10, SANS, NIST, etc. Proficiency with penetration testing tools such as Burp Suite, Metasploit, Nessus, MobSF, etc. Basic knowledge of scripting and programming languages (Python, Bash, etc.) is an added advantage. Understanding of phishing techniques and social engineering principles. Strong analytical and problem-solving skills with great attention to detail. Excellent verbal and written communication skills. Preferred Certifications (Not mandatory): CEH (Certified Ethical Hacker) CompTIA Pentest+ OSCP (Offensive Security Certified Professional)