Senior Security Consultant

Job Description- Location: Remote (India preferred)- Engagement: Full-time- Compensation: ₹9-13 LPA + ESOPRole Snapshot- Lead security research initiatives and work directly with the founding team to architect and scale APS (Autonomous Pentesting Solution), our flagship product that's redefining security testing with AI.- Drive complex VAPT engagements, mentor the security team, and define the technical roadmap for autonomous security testing.- Expect end-to-end ownership of product security features, strategic decision-making, and direct influence on company direction.What You'll Tackle- Lead and execute end-to-end VAPT engagements across web applications, mobile apps, APIs, thick clients, and cloud infrastructure for high-profile clients.- Architect core security modules within APS, designing and implementing advanced AI/LLM-driven vulnerability detection and exploitation systems.- Conduct original vulnerability research, discover zero-days, and develop sophisticated exploitation techniques and attack chains.- Lead technical discussions with clients, deliver executive-level security reports, and provide strategic remediation guidance.- Mentor junior researchers and interns, conduct code reviews, and establish security research best practices.- Drive the product roadmap by identifying new attack vectors, emerging threats, and innovative approaches to autonomous pentesting.- Collaborate with the founding team on strategic initiatives, partnerships, and scaling the security research function.What Makes You a Strong Fit- 2-3 years of hands-on experience in penetration testing, security research, or offensive security roles with proven track record.- Expert-level understanding of web, mobile, API, and thick client security with deep exploitation expertise across multiple attack surfaces.- Notable achievements on Bugcrowd, HackerOne, or similar platforms (Hall of Fame, high-severity findings, or CVE contributions strongly preferred).- Strong presence in the CTF community with top rankings, team leadership, or writeup contributions.- Advanced proficiency with security tools and custom tool development (Burp Suite, Metasploit, Frida, custom Python frameworks).- Demonstrated ability to discover and chain complex vulnerabilities for high-impact exploitation.- Experience with cloud security (AWS/Azure/GCP), container security, or infrastructure pentesting.- Strong Python development skills with portfolio of security automation tools or open-source contributions.- Industry certifications such as OSCP, OSWE, OSEP, CPTS, or equivalent demonstrated expertise.- Published security research, blog posts, conference presentations, or technical writeups.- Excellent communication skills with ability to explain complex technical concepts to both technical and non-technical audiences.- Proven leadership experience mentoring junior security professionals or leading technical initiatives.Interview Process- Founder Call (45 min) — career trajectory, technical vision, culture add.- Technical Assessment (72 h) — advanced multi-stage security challenge covering complex attack scenarios.- Security Lead Round (90 min) — comprehensive technical deep dive, solution walkthrough, and strategic discussion.- Offer LetterWhat You'll Gain- Leadership opportunity with direct impact on product strategy and company direction.- Work closely with founders to build and scale a cutting-edge security product from the ground up.- Exposure to cutting-edge AI/LLM integration in cybersecurity and opportunity to push the boundaries of autonomous security testing.- Significant equity stake in a fast-growing security startup with strong market potential.- Freedom to pursue original research, publish findings, and represent the company at security conferences.- Competitive compensation package with performance-based growth opportunities.- Flexible work arrangements and autonomy to drive technical decisions.How to ApplyEmail hr@fenrir-security.com with:- Resume or LinkedIn profile.- Bugcrowd, HackerOne, HackTheBox, TryHackMe profile links with notable achievements.- Portfolio of security work (GitHub, published research, CVEs, blog posts, conference talks, or significant vulnerability disclosures).