Offensive Security Engineer

• Conduct penetration testing for web applications, networks, and cloud infrastructure to identify vulnerabilities.
  
  
• Simulate real-world attack scenarios to uncover weaknesses in systems, processes, and technologies to assess organizational security posture.
  
  
• Collaborate with internal teams to prioritize vulnerabilities and recommend remediation strategies.
  
  
• Design and deliver training programs to technical teams on offensive security techniques, emerging threats, and mitigation strategies.
  
  
• Conduct workshops and knowledge-sharing sessions to enhance the organization’s understanding of security best practices.
  
  
• Assist in developing simulation exercises to improve incident response capabilities.
  
  
• Develop custom tools or scripts to support offensive security assessments.
  
  
• Research and develop new offensive security techniques and custom tools to improve testing capabilities.
  
  
• Participate in Red Team exercises to test detection and response capabilities.
  
  
• Document findings with clear, actionable recommendations and prepare detailed reports.
  
  
• Stay updated on the latest security threats, attack methodologies, and tools.
  
  
• Provide support during security incidents to analyse root causes and recommend preventive measures.
  

Experience:

• 2-3 years in offensive security roles with hands-on experience in penetration testing or Red Team engagements.

Technical Skills:

• Strong understanding of OWASP Top 10 vulnerabilities and mitigation techniques.
• Proficiency in at least one programming/scripting language (e.g., Python, JavaScript, or Bash).
• Familiarity with tools like Metasploit, Burp Suite, Nmap, Nessus, or similar.
• Experience working with cloud platforms such as AWS, Azure, or Google Cloud Platform (GCP).
• Knowledge of network protocols and infrastructure security

• Certifications such as OSCP, OSWE,CPTS, CRTO or any other equivalent are highly preferred.