Fynd - Offensive Security Engineer - Vulnerability Management

Job Title : Offensive Security Engineer

Role Overview :

Youll simulate real-world attacks, identify complex vulnerabilities, and partner with teams to strengthen our security posture from product design to production.

This role is ideal for engineers passionate about adversary emulation, building tools, and driving secure innovation at scale.

Responsibilities :

- Conduct deep-dive penetration testing and red team simulations on web, mobile, cloud, and API systems and thick clients.

- Perform proactive threat modeling during product development to identify design-stage risks.

- Build custom scripts/tools and automate offensive security workflows.

- Report technical findings with clear, actionable remediation strategies.

- Collaborate with engineering and product teams to embed offensive security into the SDLC.

- Stay updated on the latest threat techniques, CVEs, exploits, and red team tooling.

Requirements :

- You should have at least five years of experience in offensive security, penetration testing, or red teaming.

- The candidate should possess experience with OWASP Top 10, ASVS, MITRE ATT&CK, and threat modeling frameworks.

- Hands-on with cloud platforms (AWS/GCP/Azure), thick clients, and secure app architecture.

- Proficiency in scripting (Python, Go, Bash) and tools like Burp Suite, ZAP, Metasploit, and Cobalt Strike.

- Strong communication and reporting skills, catering to both technical and business audiences.

Bonus Skills :

- Experience in e-commerce or AI/ML-driven platforms.

- Prior work in vulnerability research, CVE publication, or exploit development.

- Certifications: OSCP, OSWE, OSEP, CRTO, or cloud security certs.

- Contributions to open-source tools, blogs, or conferences in the infosec community.