Job Description

Key Responsibilities: 1. Red Team Operations & Adversary Simulation Plan and execute Red Team engagements , including assumed breach, external/internal network, web, mobile app, and cloud security assessments . Develop custom attack scenarios emulating APT (Advanced Persistent Threat) tactics, techniques, and procedures (TTPs). Conduct physical security assessments, social engineering attacks, and OSINT reconnaissance to identify security gaps. Work with Blue Team/SOC to fine-tune threat detection, incident response, and security monitoring strategies. 2. Web & Mobile Application Security Testing Perform manual and automated security testing of Android and iOS applications , identifying vulnerabilities such as improper authentication, insecure storage, and API abuse . Assess web applications for OWASP Top 10 vulnerabilities and perform deep-dive penetration testing to uncover critical security flaws. Reverse engineer mobile applications, analyze network traffic, and exploit mobile-specific vulnerabilities . Evaluate mobile app security controls , including certificate pinning, root/jailbreak detection, and encryption . 3. Network Penetration Testing & Infrastructure Security Conduct internal and external network penetration testing , identifying misconfigurations, unpatched systems, and exploitable services . Exploit Active Directory environments , perform privilege escalation , and demonstrate attack chains leading to full domain compromise. Simulate MITM (Man-in-the-Middle) attacks, exploit wireless networks, and bypass endpoint security solutions . Test cloud environments (AWS, Azure, GCP) for misconfigurations, exposed APIs, and IAM vulnerabilities . 4. OSINT & Threat Intelligence Gathering Utilize OSINT techniques to gather intelligence on targets, employees, exposed credentials, and sensitive information leaks . Perform dark web reconnaissance to identify potential data breaches, compromised accounts, and organization-specific threats. Leverage automated OSINT tools, dorking techniques, and social media footprint analysis to identify attack surfaces. 5. Bug Bounty & Vulnerability Research Apply bug bounty methodologies to uncover zero-day vulnerabilities in various applications and networks. Conduct responsible disclosure of security flaws, working with vendors and security teams to remediate issues. Research and develop custom exploits, proof-of-concepts (PoCs), and attack chains to demonstrate real-world security risks. Stay up-to-date with new vulnerabilities, CVEs, and emerging attack techniques to enhance testing methodologies. 6. Security Tooling, Automation & Reporting Develop custom scripts and automation tools (Python, Bash, PowerShell) to streamline Red Team operations . Utilize tools like Burp Suite, Metasploit, Cobalt Strike, Kali Linux, Nmap, BloodHound, and Wireshark to conduct comprehensive assessments. Create detailed security reports with risk analysis, attack paths, and remediation recommendations tailored for both technical and executive audiences . Conduct training sessions and knowledge sharing for internal teams on offensive security techniques and adversary behavior . Required Skills & Qualifications: Technical Expertise: Expert-level penetration testing in mobile (Android/iOS), web applications, and network security . Strong knowledge of offensive security tools : Burp Suite, Metasploit, Cobalt Strike, Wireshark, Frida, Objection, MobSF, and more. Advanced OSINT skills , including Google dorking, social engineering, dark web research, and reconnaissance techniques . Deep understanding of MITRE ATT&CK, TTPs, and Red Team strategies . Cloud security testing experience (AWS, Azure, GCP). Strong bug bounty experience with a proven track record of responsible disclosures and vulnerability discoveries. Experience with reverse engineering, exploit development, and malware analysis is a plus. Proficiency in scripting languages (Python, Bash, PowerShell, JavaScript, or Go) for automation and exploit development. Soft Skills & Leadership: Strong leadership skills with experience managing and mentoring a Red Team. Ability to think like an attacker and simulate real-world threats effectively. Excellent communication and reporting skills , capable of explaining findings to technical teams and executives. Ability to work independently while collaborating with Blue Teams, SOC, DevSecOps, and IT teams . Preferred Certifications: OSCP (Offensive Security Certified Professional) OSWE (Offensive Security Web Expert) Web Application Penetration Testing OSED (Offensive Security Exploit Developer) – Advanced Exploit Development GXPN (GIAC Exploit Researcher and Advanced Penetration Tester) GWAPT (GIAC Web Application Penetration Tester) GMOB (GIAC Mobile Device Security Analyst) – Android/iOS Security CREST CRT (Certified Red Team)