Offensive security researcher

About the role

We are seeking a skilled Offensive Security Researcher with 34 years of hands-on

experience in penetration testing, red teaming, vulnerability research, and exploit

development. The ideal candidate will be responsible for identifying and exploiting security

weaknesses across a variety of systems, applications, and networks to simulate real-world

cyberattacks.

This role is critical in strengthening our organization's security posture by providing actionable

insights, supporting incident response, and contributing to continuous security improvements.

You will work closely with security engineers, blue teams, and development teams to bridge

gaps between offense and defense.

Responsibilities:

Conduct vulnerability research to identify and exploit security weaknesses in systems

and applications.

Develop and deploy custom payloads for various platforms and environments for

adversarial simulation and red teaming.

Utilize C2 frameworks to maintain access and control over compromised systems.

Perform malware reverse engineering to understand and counteract malicious

software.

Identify and exploit vulnerabilities in custom and third-party applications, operating

systems, and hardware.

Research and develop exploits or payloads to demonstrate risk impact on both

Windows and Linux environments.

Create detailed technical reports and executive summaries with remediation

recommendations.

Continuously research emerging threats, attack techniques (TTPs) and reproduce in the

test environment.

Contribute to the development of red teaming tools and frameworks.

Participate in red team exercises to simulate real-world attacks and test defensive

measures.

Ensure operational security throughout all phases of research and development.

Required Qualifications:

Familiarity with payload and exploit development techniques for Windows and Linux

environments.

Scripting and automation skills using Python, Bash, PowerShell, or similar languages.

Strong proficiency with tools such as Burp Suite, Metasploit, Sliver, Cobalt Strike,

Nmap, Wireshark, Nessus, and others.

Expertise in malware reverse engineering using tools like IDA Pro, Ghidra, or

Radare2.

In-depth knowledge of how AV and EDR systems operate, including their detection

methods, and proficiency in evasion techniques to circumvent these technologies.

Deep understanding of MITRE ATT&CK framework, OWASP Top 10, CWE, and

CVSS scoring.

Experience in red teaming and simulating advanced persistent threats (APTs).

Understanding operational security practices to maintain anonymity and avoid

detection.

Familiarity with social engineering techniques and phishing campaigns is a plus.

Relevant certifications are highly desirable (e.g., OSCP, CRTO CEH etc.,).

Bachelor's or Master's degree in Computer Science, Cybersecurity, Information

Technology, or equivalent practical experience.

34 years of professional experience in offensive security and red teaming.