The role is part of the Service Delivery function, and we are seeking candidates with an achiever s mindset seeking fast growth in the technology-centric work environment and ample exposure to the latest in the industry to meet challenging customer requirements. PRIMARY RESPONSIBILITIES The right candidate should have proficiency in conducting TWO or more of the below type of assessments. Perform intelligence-led security assessments on Internet-facing web applications Perform security assessments on internal/external software applications/services, including the services layer segments with REST/SOAP/GraphQL APIs, ESB, Middleware, or other channels. Perform penetration tests across public/private network infrastructure assets Perform code aware penetration testing and security assessment of the iOS/Android mobile applications Perform assessments of wireless networks and OT assets/components Perform security assessment of cloud environments (AWS/Azure/GCP/other) with automated tools, custom scripts, and configuration audits. Perform internal and external adversary emulations and AD red teaming. ADDITIONAL RESPONSIBILITIES Develop testing scripts and procedures for comprehensive assessment requirements Conducts penetration tests and vulnerability assessments against client infrastructure following a standard testing methodology using automated, ad-hoc, and manual testing techniques. Compile executive and technical reports and make recommendations to findings in a responsive fashion. Conducts external and internal segmentation testing against client infrastructure. Develop penetration testing strategy and test cases for complex enterprise applications Develop methodology documents and pre-engagement questionnaires for Penetration Testing and Vulnerability Assessment projects. Thoroughly document exploit chain/proof of concept scenarios for client consumption. REQUIREMENTS 3-6 years of relevant work experience. Based on experience and skill set, candidates will be considered for Associate Consultant, Consultant, Senior Consultant, or SME positions. Ability to work methodically, independently, and prioritize work Excellent communication skills (written verbal) in English, must be able to present complex technical topics in a clear and structured way, ability to moderate discussions, meetings, and projects. Being able to assume the role of a trusted subject matter expert. Strong technical knowledge in performing manual/ automated network security assessments using open-source and commercial security tools on various operating systems, applications, networks, and security infrastructure devices. Excellent up-to-date technical and hands-on knowledge and experience in current attack methods, penetration testing methods, and hacking tools, especially for web applications, are required. A Desire to learn and to share knowledge. Deep knowledge of common software vulnerabilities, such as OWASP Top 10 and CWE/SANS Top 25. Hands-on experience in Kali Linux, Metasploit, Nexpose, Nmap, Burp, Paros, Nessus, Appscan, Core Impact, and other relevant tools. Programming experience in Python, PHP, Perl, Ruby, NET, or other interpreted or compiled languages. Experience with reverse engineering, exploit development, and mobile and industrial control systems are a plus. OSCP/OSWE/OSEP/OSCE/CRTP or other security certifications are desirable Flexibility and adaptability to work in a growing, dynamic, international team with a strong customer-oriented attitude Willingness to travel extensively (domestic/international)

The right candidate is expected to have proficiency in conducting some or all of below assessment types. Perform intelligence-led security assessments on Internet-facing web applications. Perform security assessments on internal/external software applications/services, including the services layer segments with REST/SOAP/GraphQL APIs, ESB, Middleware, or other channels. Perform penetration tests across public/private network infrastructure assets. Perform code aware penetration testing and security assessment of the iOS/Android mobile applications. Perform assessments of wireless networks and OT assets/components Perform security assessment of cloud environments (AWS/Azure/GCP/other) with automated tools, custom scripts, and configuration audits. Perform internal and external adversary emulations. ADDITIONAL RESPONSIBILITIES Dependent on the role Develop testing scripts and procedures for comprehensive assessment requirements. Conducts penetration tests and vulnerability assessments against client infrastructure following a standard testing methodology using automated, ad-hoc, and manual testing techniques. Compile executive and technical reports and make recommendations to findings in a responsive fashion. Conducts external and internal segmentation testing against client infrastructure. Develop penetration testing strategy and test cases for complex enterprise applications. Develop methodology documents and pre-engagement questionnaires for Penetration Testing and Vulnerability Assessment projects. Thoroughly document exploit chain/proof of concept scenarios for client consumption. REQUIREMENTS 1-4 years of relevant work experience. Based on experience and skill set, candidates will be considered for Associate Consultant, Consultant or Senior Consultant. Ability to work methodically, independently, and prioritize work Excellent communication skills (written verbal) in English, must be able to present complex technical topics in a clear and structured way, ability to moderate discussions, meetings, and projects. Being able to assume the role of a trusted subject matter expert. Strong technical knowledge in performing manual/ automated network security assessments using open-source and commercial security tools on various operating systems, applications, networks, and security infrastructure devices. Excellent up-to-date technical and hands-on knowledge and experience in current attack methods, penetration testing methods, and hacking tools, especially for web applications, are required. A Desire to learn and to share knowledge. Deep knowledge of common software vulnerabilities, such as OWASP Top 10 and CWE/SANS Top 25. Hands-on experience in Kali Linux, Metasploit, Nexpose, Nmap, Burp, Paros, Nessus, Appscan, Core Impact, and other relevant tools. Programming experience in Python, PHP, Perl, Ruby, NET, or other interpreted or compiled languages. Experience with reverse engineering, exploit development, and mobile and industrial control systems are a plus. OSCP/OSWE/OSEP/OSCE/CRTP or other security certifications are desirable. Flexibility and adaptability to work in a growing, dynamic, international team with a strong customer-oriented attitude. Willingness to travel extensively (domestic/international)

About Us : NST Cyber pioneers proactive, AI-driven Cyber Threat Exposure Management (CTEM). We offer a highly challenging environment with complex use cases making you a part of a novel solution. Responsibilities : Lead and mentor a team of developers to deliver high-quality software solutions. Collaborate with product managers, architects, and other stakeholders to understand project requirements and provide technical guidance. Hands-on development using TypeScript, MongoDB, NestJS, Angular, Serverless architecture, Python, Container and Orchestration (Docker and Kubernetes) Design the solution architecture and project framework for the dev team to build on. Oversee and actively contribute to the design and architecture of scalable and maintainable software systems. Lead sprint planning and ensure the team meets project milestones and deadlines. Delegate tasks effectively, considering the strengths and expertise of individual team members. Clear blockers for developers by addressing technical challenges and providing guidance. Conduct code reviews to maintain code quality, consistency, and adherence to coding standards. Explain features and bugs to developers, fostering a collaborative and transparent development environment. Collaborate with cross-functional teams to ensure alignment between technical solutions and business goals. Requirements: Bachelor s degree in computer science, Software Engineering, or a related field. 6 years of professional experience in software development. Strong technical proficiency in TypeScript, Python, React JS, MongoDB, NestJS, Angular, Serverless architecture, and CloudFront. Proven experience in leading and managing development teams. Excellent soft skills, including task delegation, sprint planning, and effective communication. Knowledge on design patterns and Solution Architecture development Experience in resolving technical blockers and providing guidance to the team. Demonstrated ability to explain features and bugs to developers clearly. Experience with agile development methodologies. Ability to thrive in a fast-paced and collaborative environment. Strong problem-solving and decision-making skills.

Collaborate with cross-functional teams to understand project requirements and translate them into technical specifications. Design, develop, and maintain scalable and efficient backend systems using TypeScript and NestJS. Implement and optimize database schemas using MongoDB and TypeORM. Integrate AWS services to enhance the functionality and performance of the backend architecture. Work on serverless architecture to build and deploy microservices. Write clean, maintainable, and efficient code while adhering to coding standards and best practices. Conduct code reviews to ensure code quality and mentor junior developers. Troubleshoot and debug issues, providing timely resolutions. Stay updated on industry trends and emerging technologies to recommend improvements and enhancements. Requirements: Bachelors degree in Computer Science, Software Engineering, or a related field. 2 years of professional experience in backend software development. Proficient in TypeScript and experienced with NestJS framework. Strong expertise in MongoDB and TypeORM for database design and management. Hands-on experience with AWS services, including Lambda, API Gateway, DynamoDB, and others. Familiarity with serverless architecture and its implementation in a production environment. Solid understanding of software development principles, design patterns, and best practices. Excellent problem-solving and debugging skills. Strong communication and collaboration skills. Ability to work in a fast-paced and dynamic environment. Knowledge of other programming languages such as Python or Java. Experience with containerization and orchestration tools like Docker and Kubernetes. Familiarity with CI/CD pipelines for automated deployment.

The role is an opportunity to be a part of a very dynamic team working with the companys flagship product and we are seeking professional candidates with achiever s mindset seeking fast growth in the technology-centric work environment and ample exposure to the latest in the industry to meet challenging customer requirements. You will be responsible for conducting intelligence-led security assessments, identifying, and exploiting vulnerabilities in web applications, networks, and mobile platforms, and developing effective mitigation strategies. You will also stay abreast of the latest trending vulnerabilities and zero-day threats, ensuring our systems remain secure against evolving threats. Primary Responsibilities Conduct comprehensive intelligence-led security assessments, including vulnerability scanning and penetration testing on internet facing assets, including web, network, mobile and cloud. Design and execute sophisticated test cases to identify critical vulnerabilities in web applications, networks, and mobile platforms. Develop testing scripts and procedures for comprehensive assessment requirements. Research and analyse the latest trending vulnerabilities and zero-day threats, staying ahead of emerging security risks. Document findings and recommendations in clear, concise, and actionable reports. Communicate security risks and mitigation strategies to stakeholders at all levels. Lead a small team of consultants/associate consultants, review and provide feedback on team members deliverables, provide mentorship and guidance to help team members enhance their skills and knowledge. Foster a collaborative and supportive work environment effectively in the best interests of the organisation. Requirements Minimum 5 years of experience as an Offensive Security consultant or a related role Proven experience conducting intelligence-led security assessments. Strong understanding of web application, network, and mobile security vulnerabilities. Advanced knowledge of penetration testing methodologies and tools. Some experience in scripting languages such as Python or Ruby. Experience with vulnerability management tools and frameworks. Excellent analytical and problem-solving skills. Excellent written and verbal communication skills. Ability to work independently and as part of a team. Open to and proactive in learning about new security trends and technologies. Open to working in rotational shifts. Flexible and adaptable to changing work environments. Benefits Opportunity to work on challenging and impactful projects. Collaborative and supportive work environment. Continuous learning and development opportunities. Opportunity to work with cutting-edge technologies. Leadership and mentorship experience.