Description :

We are looking for a Senior Security Engineer with deep expertise in penetration testing, data security, endpoint security, DLP, compliance, data privacy, ethical hacking, and security research. This role requires a hands-on security mindset, with experience in offensive and defensive security, along with cutting-edge research in vulnerabilities, AI security threats, and threat intelligence.

The core responsibilities for the job include the following :

Security Engineering and Data Protection :

- Conduct penetration testing (pentesting) on cloud, on-premise environments, APIs, and applications.

- Architect and implement Data Loss Prevention (DLP) solutions across endpoints, networks, and cloud environments.

- Secure databases, endpoints, and cloud infrastructure from internal and external threats.

- Strengthen access control, encryption, and data protection mechanisms to prevent breaches.

- Work closely with product and engineering teams to design and implement security-first architectures.

Ethical Hacking and Offensive Security :

- Lead red-teaming and adversary simulations against critical infrastructure.

- Identify zero-day vulnerabilities, exploit development, and reverse engineering.

- Conduct bug bounty research, responsible disclosures, and ethical hacking to improve product security.

- Develop and automate custom security testing frameworks to assess AI/ML model security.

Security Research and Threat Intelligence :

- Research emerging threats, exploit trends, and AI security risks.

- Stay ahead of zero-day vulnerabilities, malware trends, and data exfiltration techniques.

- Develop proof-of-concept exploits and contribute to open-source security research.

- Publish security research, advisories, and contribute to CVE disclosures.

Compliance and Data Privacy :

- Ensure ISO 27001 SOC 2 GDPR, HIPAA, and PCI-DSS compliance for enterprise security requirements.

- Work with legal and compliance teams to define privacy frameworks and governance models.

- Automate compliance monitoring and integrate security controls with SIEM/XDR solutions.

Incident Response and Threat Detection :

- Detect, analyze, and respond to security incidents in real-time.

- Perform digital forensics investigations post-breach to analyze attack vectors.

- Develop playbooks and proactive defense strategies for handling sophisticated attacks.

Requirements :

- 8+ years in cybersecurity, with hands-on experience in pentesting, ethical hacking, data security, and compliance.

- Strong knowledge of DLP solutions, endpoint security, and secure cloud architectures (AWS/GCP/Azure).

- Experience in ethical hacking, bug bounty, CTF challenges, red teaming, and vulnerability research.

- Deep understanding of security frameworks like NIST, CIS, ISO 27001 SOC 2 GDPR, HIPAA, and PCI-DSS.

- Strong experience in reverse engineering, exploit development, and malware analysis.

- Proficiency in Python, Bash, PowerShell, or Golang for security automation and scripting.

- Hands-on experience with offensive security tools (Burp Suite, Metasploit, Kali Linux, Nessus, Wireshark, Nmap, IDA Pro, Ghidra).

Good-to-Have Skills :

- Experience in AI security (adversarial ML, prompt injection attacks, model security testing).

- Knowledge of data classification, tokenization, and encryption techniques.

- Experience with security research, CVE submissions, and zero-day vulnerability hunting.

- Contributions to open-source security tools, bug bounty programs, and CTF competitions.