Senior Cybersecurity Engineer

Note: This is an on-site position at 100% Onsite role based in Ahmedabad, Gujarat (Please do not apply if not willing to work from office)

We are seeking a highly skilled and motivated Cybersecurity Engineer with expertise in offensive and defensive security validation to join our dynamic cybersecurity team. In this pivotal role, you will act as the bridge between our offensive and defensive security functions, focusing on continuous threat simulation and control validation. You will execute realistic attack scenarios to rigorously test the effectiveness of our detection, response, and recovery capabilities, ensuring our security posture is optimized against current and emerging threats using frameworks like MITRE ATT&CK.

This technical role requires the ability to interact with internal and external peers in IT, Security, Risk, Compliance, and Operations teams, vendors, and third-party support organizations, as well as participation in advisory boards and incident management cases. The candidate will provide technical knowledge in designated areas during troubleshooting, root cause analysis, and problem management lifecycle.

Roles and Responsibilities

• Plan and execute collaborative security validation exercises to simulate advanced adversary tactics, techniques, and procedures (TTPs).
• Utilize the MITRE ATT&CK framework to scope, execute, and map simulated attacks to defense coverage gaps.
• Validate the effectiveness of existing security controls (e.g., EDR/XDR, Firewalls, Cloud Security Posture Management) by measuring detection coverage and control performance.
• Work directly with the Security Operations Center (SOC) team to design, implement, and tune new security detection rules and correlation logic within SIEM/logging platforms.
• Develop and maintain a Threat Emulation library and associated automation for repeatable and scalable testing of defensive capabilities.
• Collaborate with Incident Response teams to refine incident handling playbooks and reduce detection and response dwell time.
• Document comprehensive findings from exercises, including proof-of-concept exploits and prescriptive remediation recommendations.
• Provide continuous knowledge transfer and training to defensive security analysts on the latest attack vectors and the forensic artifacts they create.
• Contribute to the strategic alignment of security investments by demonstrating the effectiveness (or lack thereof) of security tools in a real-world context.
• Ensure adherence to regulatory requirements and industry standards such as GDPR, HIPAA, PCI-DSS, and ISO 27001.

Required Skills

• 3-5+ years of experience in cybersecurity, with direct, hands-on experience in offensive (penetration testing, ethical hacking) and defensive (SOC, threat hunting, detection engineering) roles.
• Expert knowledge of the MITRE ATT&CK Framework and its application in both simulation and detection engineering.
• Hands-on experience with both offensive tools (e.g., Metasploit, Cobalt Strike, red team tooling) and defensive technologies (e.g., SIEM/logging platforms like Splunk/ELK, EDR solutions).
• Proficiency in scripting languages (Python, PowerShell, Bash) for automating adversary emulation, data collection, and detection rule testing.
• Deep understanding of operating system internals (Windows, Linux) and common attack paths in enterprise and cloud environments (e.g., AWS, Azure, GCP).
• Strong analytical skills for log analysis, threat hunting, and root cause identification of control failures.
• Excellent written and verbal communication skills, with the ability to articulate technical findings to both technical and executive audiences.

Optional

• CISSP, eWPTX, eCTHP, PNPT, CRTO, BTL1, OSCP
• Experience with Security Orchestration, Automation, and Response (SOAR) platforms.