Job Openings Lead Offensive Security Engineers

About the job Lead Offensive Security Engineers

  • Lead and execute penetration testing engagements covering web applications, APIs, mobile applications, networks, cloud environments, and infrastructure
  • Conduct red team exercises, adversary simulations, and attack emulation activities to evaluate security controls and incident response capabilities
  • Identify, validate, and exploit vulnerabilities while assessing their business and technical impact
  • Develop detailed security assessment reports, including risk ratings, remediation recommendations, and executive summaries
  • Perform security architecture reviews and provide guidance on secure design principles
  • Research emerging threats, attack techniques, and security vulnerabilities to improve offensive security capabilities
  • Support incident response investigations by providing attacker methodology analysis and root cause identification
  • Develop custom scripts, tools, and automation to enhance offensive security testing activities
  • Collaborate with development, infrastructure, cloud, and security teams to remediate identified vulnerabilities
  • Mentor and guide junior security engineers and penetration testers
  • Contribute to security awareness initiatives and technical training programs
  • Assist in establishing offensive security methodologies, standards, and best practices
  • Participate in purple team exercises with defensive security teams to improve detection and response capabilities

Requirements

  • Bachelor's Degree in Cyber Security, Computer Science, Information Technology, or a related field
  • Minimum 8+ years of experience in Cyber Security, with at least 5 years focused on Offensive Security, Penetration Testing, or Red Team Operations
  • Strong hands-on experience in web application, API, network, infrastructure, cloud, and mobile security testing
  • Experience conducting red team operations and advanced adversary simulation exercises
  • Strong understanding of attack frameworks such as MITRE ATT&CK and Cyber Kill Chain
  • Experience in identifying and exploiting vulnerabilities such as OWASP Top 10, authentication flaws, privilege escalation, and cloud security weaknesses
  • Strong knowledge of operating systems including Windows, Linux, and cloud platforms such as AWS, Azure, or GCP
  • Experience with scripting and automation using Python, PowerShell, Bash, or similar languages
  • Strong report writing, communication, and stakeholder management skills

Preferred Certifications

  • OSCP (Offensive Security Certified Professional)
  • OSCE / OSEP
  • CRTO (Certified Red Team Operator)
  • CREST Certifications
  • CISSP
  • GIAC Security Certifications (GPEN, GXPN, GWAPT, etc.)

Preferred Skills

  • Experience with cloud penetration testing and container security
  • Knowledge of Active Directory attack techniques and identity security
  • Experience with threat emulation and purple team engagements
  • Familiarity with DevSecOps and secure software development practices
  • Experience using tools such as Burp Suite, Metasploit, Nmap, BloodHound, Cobalt Strike, Sliver, Nessus, and similar platforms

Or refer someone