Senior Security Consultant

We are looking for an experienced Senior Security Consultant with deep technical expertise in Application Security, Thick Client Assessments. The role involves leading end-to-end security assessments, mentoring junior consultants, and engaging directly with clients to deliver robust, high-quality security solutions.

Who we are?

Payatu is an ISO certified company where we strive to create a culture of excellence, growth and innovation that empowers our employees to reach new heights in their careers. We are young and passionate folks driven by the power of the latest and innovative technologies in IoT, AI/ML, Blockchain, and many other advanced technologies. We are on the mission of making Cyberworld safe for every organization, product, and individual.

What we look for outside work parameters?

Your expertise is your primary qualification, not your degree or certification.

Strong leadership qualities, plan, monitor and manage activities for self and team.

Passion to deliver the promised service.

Motivated, self-starter individual with high level of integrity, intensity, and activity with a can-do attitude.

Ability to understand Organization objectives and execute them accordingly.

Disciplined process-oriented work style and ability to work independently

You are a perfect technical fit if:

Advanced knowledge of common penetration testing tools (Burp Suite, Metasploit, Wireshark, etc.).

Proficient in reverse engineering tools (IDA Pro, Ghidra, Binary Ninja, etc.).

Deep understanding of cloud-native security issues and technologies (containers, Kubernetes, serverless, etc.).

Strong knowledge of application security principles, including OWASP Top 10, secure coding practices, and common vulnerabilities.

Understanding of product security practices and secure software development life cycles.

Your everyday work will look like:

Lead application security assessments including web, mobile, and thick client applications.

Perform Secure Code Reviews (manual and automated) across multiple programming languages and frameworks.

Conduct vulnerability assessments, penetration testing, and configuration reviews for applications, networks, and cloud environments.

Identify, validate, and document vulnerabilities with detailed remediation guidance.

Develop and enhance internal testing methodologies, scripts, and frameworks for security assessments.

Collaborate with red team, application security, and dev teams during remediation and retests.

Review and design security architectures, ensuring alignment with standards (OWASP, NIST, ISO 27001, CIS, etc.).

Support clients with remediation planning, security awareness, and incident response guidance.

Contribute to pre-sales and proposal development by scoping technical requirements and security service offerings.

Mentor and guide junior consultants in performing security assessments and documentation.

You Have All Our Desired Qualities, if:

Minimum 5+ years of hands-on experience in penetration testing, security research, or related fields.

Proven track record in performing complex security assessments on cloud environments (AWS, Azure, GCP), thick client applications, and enterprise systems.

Strong experience with reverse engineering (static and dynamic analysis) of software and binaries.

Expertise in threat modelling, risk assessment, and security design for software products.

Extensive experience in vulnerability analysis and exploitation techniques across diverse platforms.

Familiarity with SDLC, DevSecOps, and threat modeling.

Excellent report writing and client communication skills.

Certifications:

Relevant certifications such as OSWE, OSCP, OSCE, AWAE, eWAPT, eMAPT, GWAPT, or CISSP/CISM.

Additional certifications or training in cloud security, reverse engineering, or product security are a plus.

Experience with automation frameworks for repetitive testing tasks.

Knowledge of reverse engineering or binary analysis is a plus.