Description :

Senior offensive security professional responsible for leading end-to-end VAPT programs and executing advanced red-team exercises to assess organizational resilience. Drives offensive security strategy, improves detection capabilities, and mentors a team of security testers.

Core Responsibilities :

- Lead VAPT across web, mobile, cloud, networks, containers, and APIs

- Execute red-team / adversary emulation using MITRE ATT&CK

- Develop exploit PoCs, privilege escalation paths, lateral movement

- Work with SOC/IR teams to validate and improve detections

- Conduct purple-team exercises and attack simulations

- Review architecture, threat models, and secure design gaps

- Deliver detailed risk reports and remediation plans

- Manage third-party testing vendors and ensure compliance (ISO 27001, PCI-DSS, DPDP)

Skills Needed :

- Strong expertise in offensive security tools: BurpSuite Pro, Metasploit, Cobalt Strike/Brute Ratel, Nmap, Nessus, BloodHound, Azure AD attack tools, etc.

- Deep knowledge of AD/Cloud attacks (Azure/AWS/GCP), API security, containers, and CI/CD pipeline testing.

- Ability to script (Python, PowerShell, Bash) for automation.

Preferred Certifications :

- OSCP, OSWE/OSCE3, CRTP/CRTE, eWPTX, eCPPT, CEH Master.