Cybersecurity Advocate

Job Opportunity: Offensive Security Specialist

Our organization is seeking a highly skilled Offensive Security Specialist to conduct in-depth security assessments and penetration tests on various systems.

The ideal candidate will have strong knowledge of offensive security capabilities, including web, network, mobile, Active Directory, and OT environments. They should also possess hands-on experience in vulnerability assessment, penetration testing, and code review.

Responsibilities:

• Conduct comprehensive manual reviews to identify security flaws, insecure patterns, and logical vulnerabilities.
• Execute internal infrastructure and Active Directory exploitation using BloodHound, CrackMapExec, Impacket, etc.
• Perform OT/ICS/SCADA security testing, including assessments of protocols and firmware.
• Chain vulnerabilities to simulate end-to-end real-world attack scenarios and provide POCs.
• Team Leadership & Client Coordination
• Lead and mentor junior security analysts during engagements.
• Act as the technical lead for VAPT projects, ensuring timely delivery and quality assurance.
• Interface directly with clients to understand requirements, present findings, and suggest remediation strategies.
• Manage testing schedules, reporting timelines, and escalation workflows.
• Draft detailed vulnerability reports with actionable remediation.

• 4-5 years of hands-on experience in penetration testing and red teaming.
• Strong grasp of OWASP Top 10, MITRE ATT&CK, and real-world threat simulation.
• Expertise in AD security, internal lateral movement, and domain privilege escalation.
• Familiarity with OT security controls, risk frameworks (NIST, IEC 62443), and protocol fuzzing.
• Scripting proficiency in Python, PowerShell, or Bash.
• Exposure to tools like Nmap, Wireshark, Burp Suite, Metasploit, BloodHound, SonarQube, Checkmarx, etc
• Leadership experience in managing client-facing pentest projects.
• Bachelor's degree in Computer Science, Cybersecurity, or related field.
• Excellent communication, documentation, and collaboration skills.

• Immediate Joiners Preferred
• Practical Skills are a Must
• Location: Hyderabad and Bangalore
• Bonus points for published CVEs, bug bounty recognition, open-source security tools, research contributions, or participation in industry events, workshops, and communities.

• OSCP – Offensive Security Certified Professional
• OSWE – Offensive Security Web Expert
• CRTP – Certified Red Team Professional
• CRTE – Certified Red Team Expert
• CPENT – Certified Penetration Testing Professional
• CEH – Certified Ethical Hacker
• eJPT, eCPTX, CBBH, PNPT– or equivalent certifications in advanced adversarial simulation.