Senior Security Consultant

Are you a skilled penetration tester looking for an exciting new opportunity to take your career to the next level? Join our dynamic cybersecurity team, where you'll have the chance to work on cutting-edge projects, including cloud security, reverse engineering, threat modelling, and product security.

Who we are?

Payatu is an ISO certified company where we strive to create a culture of excellence, growth and innovation that empowers our employees to reach new heights in their careers. We are young and passionate folks driven by the power of the latest and innovative technologies in IoT, AI/ML, Blockchain, and many other advanced technologies. We are on the mission of making Cyberworld safe for every organization, product, and individual.

What we look for outside work parameters?

Your expertise is your primary qualification, not your degree or certification.

Strong leadership qualities, plan, monitor and manage activities for self and team.

Passion to deliver the promised service.

Motivated, self-starter individual with high level of integrity, intensity, and activity with a can-do attitude.

Ability to understand Organization objectives and execute them accordingly.

Disciplined process-oriented work style and ability to work independently

You are a perfect technical fit if:

Advanced knowledge of common penetration testing tools (Burp Suite, Metasploit, Wireshark, etc.).

Proficient in reverse engineering tools (IDA Pro, Ghidra, Binary Ninja, etc.).

Deep understanding of cloud-native security issues and technologies (containers, Kubernetes, serverless, etc.).

Strong knowledge of application security principles, including OWASP Top 10, secure coding practices, and common vulnerabilities.

Understanding of product security practices and secure software development life cycles.

You Have All Our Desired Qualities, if:

Minimum 5+ years of hands-on experience in penetration testing, security research, or related fields.

Proven track record in performing complex security assessments on cloud environments (AWS, Azure, GCP), thick client applications, and enterprise systems.

Strong experience with reverse engineering (static and dynamic analysis) of software and binaries.

Expertise in threat modelling, risk assessment, and security design for software products.

Extensive experience in vulnerability analysis and exploitation techniques across diverse platforms.

Your everyday work will look like:

Lead penetration tests on cloud infrastructures (AWS, Azure, GCP), thick client apps, and enterprise systems.

Conduct security research and vulnerability assessments on cloud platforms.

Collaborate with product teams and clients to create threat models, identifying risks, vulnerabilities, and attack vectors with clear, actionable insights.

Reverse-engineer binaries, software, and applications to uncover vulnerabilities, develop exploits, and improve product security.

Assess and advise on security throughout the product lifecycle, from design to deployment, ensuring robust security measures.

Develop custom security tools and scripts to improve testing efficiency and address new vulnerabilities.

Stay updated on emerging threats, attack techniques, and security trends, sharing insights with the team to maintain cutting-edge expertise.

Certifications:

Offensive Security Certified Professional (OSCP) or similar certifications such as CEH, CRTP, OSCE, or CISSP.

Additional certifications or training in cloud security, reverse engineering, or product security are a plus.

Soft Skills:

Excellent communication skills to present findings and security concepts clearly to both technical and non-technical stakeholders.

Strong problem-solving skills with the ability to think creatively and develop solutions to complex security challenges.

Leadership capabilities to mentor and guide junior security consultants and researchers.

Ability to work independently and manage multiple projects effectively under tight deadlines.

Preferred Qualifications:

Experience in developing custom security tools or exploits.

Experience with threat hunting or advanced adversarial techniques.

Familiarity with advanced attack frameworks like MITRE ATT&CK.