Senior Security Analyst

About the Company We are a bunch of super enthusiastic, passionate, and highly driven people, working to achieve a common goal We believe that work and the workplace should be joyful and always buzzing with energy CloudSEK, one of India's most trusted Cyber security product companies, is on a mission to build the world's fastest and most reliable AI technology that identifies and resolves digital threats in real-time. The central proposition is leveraging Artificial Intelligence and Machine Learning to create a quick and reliable analysis and alert system that provides rapid detection across multiple internet sources, precise threat analysis, and prompt resolution with minimal human intervention. Founded in 2015, headquartered at Singapore, we are proud to say that we've grown at a frenetic pace and have been able to achieve some accolades along the way. CloudSEK's Product Suite: - CloudSEK XVigil constantly maps a customer's digital assets, identifies threats and enriches them with cyber intelligence, and then provides workflows to manage and remediate all identified threats including takedown support. - A powerful Attack Surface Monitoring tool that gives visibility and intelligence on customers' attack surfaces. CloudSEK's BeVigil uses a combination of Mobile, Web, Network and Encryption Scanners to map and protect known and unknown assets. - CloudSEK's Contextual AI SVigil identifies software supply chain risks by monitoring Software, Cloud Services, and third-party dependencies. Key Milestones: - 2016: Launched our first product. - 2018: Secured Pre-series A funding. - 2019: Expanded operations to India, Southeast Asia, and the Americas. - 2020: Won the NASSCOM-DSCI Excellence Award for Security Product Company of the Year. - 2021: Raised $7M in Series A funding led by MassMutual Ventures. - Awards & Recognition: Won NetApp Excellerator's "Best Growth Strategy Award," CloudSEK XVigil joined NVIDIA Inception Program, and won the NASSCOM Emerge 50 Cybersecurity Award. - 2025: Secured $19 million in funding led by Tenacity Ventures, Commvault. About the Job We are seeking a highly skilled and experienced Security Engineer to join our team, focusing on offensive security, exploitation, and automation. The ideal candidate will possess expertise in advanced Red Teaming methodologies, deep knowledge of web application and API penetration testing, and proficiency in scripting, security automation, and vulnerability exploitation techniques. You will be responsible for validating real-world risk and providing expert technical advisory to clients. Key Responsibilities - Lead Advanced Penetration Testing: Plan and execute comprehensive offensive security engagements, including Red Team operations, web application, API, mobile application, and cloud environment penetration tests. - Exploitation and Validation: Proactively identify, exploit, and validate critical vulnerabilities (including 0-days) across diverse client environments to demonstrate real-world impact and risk. - Automation & Tool Development: Design, develop, and implement custom scripts and security tools (e.g., in Python, Go) to automate offensive processes, continuous security assessments, and improve the team's efficiency and capabilities. - Vulnerability Mitigation Advisory: Translate complex technical findings into clear, actionable reports and provide expert, technical guidance to engineering teams on effective mitigation strategies and security best practices. - Advanced Threat Research: Conduct deep technical research on emerging exploit techniques, zero-day vulnerabilities, and attacker Tactics, Techniques, and Procedures (TTPs) to enhance internal capabilities and methodologies. - Client-Facing Proof of Concept (POC): Conduct professional and technical POC calls with clients, clearly articulating complex exploitation scenarios, demonstrating technical risk, and discussing the corresponding business impact. - Cross-Functional Collaboration: Partner with internal R&D and Product Management teams, utilizing penetration testing insights to drive significant security feature enhancements and improvements in our product offerings. - Knowledge Leadership: Contribute to and lead the creation of sophisticated internal knowledge base articles, runbooks, and SOPs focused on advanced exploitation and testing techniques. Qualifications - Experience: Minimum of 2+ years of progressive, hands-on experience in offensive security, specifically Red Teaming and advanced penetration testing. Proven track record of successful vulnerability exploitation and bypass of security controls. - Technical Expertise: Expert proficiency in at least one relevant scripting language (e.g., Python, Go, PowerShell) and deep, hands-on experience with industry-standard security tools (e.g., Burp Suite Pro, Metasploit, Nmap, specific cloud security tools). - Offensive Certifications (Preferred): Advanced offensive security certifications such as OSCP etc or equivalent. - Domain Knowledge: Strong understanding of current threat intelligence, dark web monitoring trends, and how they inform offensive testing methodologies. - Cloud/Mobile Exploitation: Demonstrated experience identifying and exploiting vulnerabilities in major cloud providers (AWS, Azure, GCP) and mobile platforms (iOS/Android). - Advanced Problem-Solving: Exceptional analytical and structured problem-solving skills focused on bypassing complex security defenses and troubleshooting non-standard technical issues. - Communication & Presentation: Strong communication, documentation, and interpersonal skills, with the ability to translate technical risks (exploitation paths) into clear, compelling reports and presentations for both technical teams and senior client stakeholders. - Commitment to Operational Excellence: Willingness to provide support for critical operational schedules, potentially including rotating shifts, to ensure continuous, high-quality assessment coverage. Benefits of Joining CloudSEK We provide an environment where you can develop and enhance your skills while delivering meaningful work that matters. You'll be rewarded a competitive salary as well as a full spectrum of generous perks and incentives which include: - Flexible working hours. - Food, unlimited snacks and drinks are all available while at office. And, the finest part is yet to come Every now and then we ensure to unwind and have a good time together, which involves games, fun, and soulful music. Feel free to show off your artistic side here