Posted:3 days ago|
Platform:
On-site
Full Time
St. Fox, a leading consultancy in the realm of Cybersecurity and advanced tech solutions, is recognized for its pioneering approach to digital security and innovation. Driven by the ethos Innovate Fearlessly, Protect Relentlessly, we empower businesses globally to secure their operations and maximize efficiency through cutting-edge technology strategies.
Lead and conduct end-to-end penetration testing engagements across web applications, mobile apps, APIs, networks, WiFi, Active Directory, and cloud platforms (AWS, Azure, GCP).
Execute red team and adversary simulation exercises, including phishing, lateral movement, persistence, and data exfiltration scenarios.
Perform advanced Active Directory exploitation (on-prem, Azure AD, hybrid environments) including Kerberoasting, unconstrained delegation, golden/silver tickets, and modern AD attack chains.
Assess and exploit cloud-native vulnerabilities, IAM misconfigurations, container/Kubernetes environments, and serverless workloads.
Conduct wireless/WiFi pentesting (WEP/WPA/WPA2/WPA3 attacks, rogue AP, evil twin).
Perform basic to intermediate reverse engineering and exploit development for binaries, scripts, and mobile apps.
Utilize frameworks and tools such as Burp Suite Pro, ZAP, Caido, Metasploit, Havoc/Mythic/Sliver C2, BloodHound, Mimikatz, Impacket, and custom scripts/exploits.
Draft and review detailed penetration testing reports, Statements of Work (SoW), Rules of Engagement (RoE), and executive presentations.
Mentor and guide junior consultants, providing technical leadership, peer review, and training.
Work closely with clients to communicate findings, risk implications, remediation strategies, and overall security posture improvements.
8+ years of proven experience in vulnerability assessment, penetration testing, and red team operations.
Strong expertise in Active Directory exploitation and defenses (on-prem, hybrid, Azure AD).
Advanced skills in web application, API, and network penetration testing.
Proficiency in cloud penetration testing (AWS, Azure, GCP) including IAM, storage, networking, and serverless security.
Strong understanding of exploit development, reverse engineering, and evasion techniques.
Proficiency with industry-standard tools and custom exploit/script development.
Solid knowledge of enterprise security technologies (SIEM, SOAR, Firewalls, IDS/IPS, AV/EDR/XDR).
Strong technical writing and client-facing communication skills, including report drafting and delivery.
Experience in leading teams, reviewing deliverables, and mentoring junior consultants.
Offensive security certifications such as OSCP, OSEP, OSED, OSWE, OSEE, CRTP, CRTE, CREST, GXPN, or equivalent.
Experience in IoT, hardware, and automotive penetration testing.
Prior experience in adversary emulation and purple team exercises.
Familiarity with DevSecOps pipelines and Secure SDLC integration.
? Competitive salary and benefits package.
? Opportunities for professional growth and advancement.
? Exposure to cutting-edge technologies and projects.
? A collaborative and supportive work environment.
St. Fox
Upload Resume
Drag or click to upload
Your data is secure with us, protected by advanced encryption.
Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.
We have sent an OTP to your contact. Please enter it below to verify.
Instantly access job listings, apply easily, and track applications.
bengaluru, karnataka, india
Salary: Not disclosed
