Sr Red Team Security Analyst

Position: Sr Security Analyst
At FireCompass, we are building a team that wants to make a difference globally: team players, thinkers, hackers, builders, and hustlers who challenge the status quo and who want to change the world. We believe in creating something that is challenging and exciting and that will have a tremendous impact on our customers and the security industry as a whole.If you share our passion for innovation and want to create a difference, we want to talk to you.About Us:FireCompass is an advanced AI-based Offensive Security Platform. It uses Agentic AI to combine Automated Pen Testing, Attack Surface Management (ASM), and Continuous Automated Red Teaming (CART) along with human expertise. FireCompass ensures near-zero false positives and prioritizes exploitable risks using automated multi-stage attack trees.FireCompass has been recognized as a leader by Gartner, Forrester, GigaOm, IDC, and RSAC 365 Innovation Showcase. FireCompass holds a USPTO-awarded patent for its groundbreaking Automated Red Teaming technology and is trusted by top enterprises, including Fortune 1000 companies.Roles & Responsibilities:Perform Open Source Intelligence (OSINT) on the target organizationLead Penetration Testing and Red Teaming on target attack surfacesSuggest Proper RemediationsCloud Penetration Testing and Security AuditPerform Vulnerability RevalidationsResearch on new attack vectors, attack paths, tools, and techniques.Building Security ToolsWrite blog posts and papers related to new attack vectors, threat hunting, and threat analysisRequired Skills:Good Fundamentals of Computer Science and Information SecurityHands-on in at least one Programming Language (Python / Go / JavaScript frameworks)Linux shell scriptingExcellent in Web Security Penetration Testing covering OWASP Top 10Good Track record in finding complex and high-threat vulnerabilitiesExcellent understanding of Network Protocols TCP/IP, HTTP, SSL, and WebSocketsGood Understanding of Browser Security, such as Content Security PolicyUnderstanding of Docker Security, Kubernetes Security, and Cloud Security Excellent communication skillsSelf-Learner and Self-Motivated Good to HaveExcellent Vulnerability Findings (Bug Bounty or CVE)Received a Bug bounty for complex multi-stage vulnerabilitiesExperience in research blogs and/or speaking engagements, Conference SpeakerExperience in solving or creating CTF (Capture the Flag) challengesReverse Engineering and FuzzingMore Details:Experience: 3-5+ years experienceSalary: Fixed & variable based on experience & last drawn CTC (Depending on Candidate's Profile 18-26 LPA )No of Vacancies: 2Working Days: 5 DaysEducation:UG: Graduation with CS/IS specialization or equivalent. (Mandatory)PG: ME/MTech/MS with CS/IS specialization or equivalent. (Optional)Certifications: OSCP / CRTP / CRTE or similar Certification Mandatory