Job Summary
We are looking for highly skilled Red Teamers with strong real-world offensive security experience to join our cybersecurity team in Mumbai. The ideal candidate should possess deep expertise in network penetration testing, privilege escalation, lateral movement, post-exploitation, and custom exploit development.
The role requires hands-on experience with advanced offensive security techniques, red team operations, attack simulations, and custom tooling beyond standard penetration testing methodologies.Key Responsibilities
- Conduct advanced red team engagements across enterprise environments.
- Perform network penetration testing, privilege escalation, lateral movement, and post-exploitation activities.
- Simulate sophisticated attack scenarios to evaluate organizational security posture.
- Develop and utilize custom offensive security tools, scripts, and exploits.
- Work with Command & Control (C2) frameworks and exploitation chains.
- Identify vulnerabilities across networks, endpoints, cloud environments, and enterprise infrastructure.
- Execute stealth-based operations and bypass defensive security controls.
- Perform reconnaissance, attack surface mapping, and adversary emulation activities.
- Collaborate with blue teams and security stakeholders to improve detection and response capabilities.
- Prepare detailed technical reports with remediation recommendations and attack narratives.
Required Skills
- 7+ years of hands-on offensive security / red team experience.
- Strong expertise in:
- Network Penetration Testing
- Privilege Escalation
- Lateral Movement
- Post-Exploitation Techniques
- Exploitation Chains
- Experience working with C2 frameworks such as:
- Cobalt Strike
- Sliver
- Empire
- Mythic
- Havoc
- Ability to write custom exploits, payloads, and offensive tooling.
- Strong scripting/programming skills in:
- Python
- Bash
- PowerShell
- Go (preferred)
- Deep understanding of:
- Active Directory Attacks
- Windows/Linux Internals
- Network Protocols
- Evasion Techniques
- Experience with offensive security tools:
- Metasploit
- Burp Suite
- Nmap
- BloodHound
- Mimikatz
- CrackMapExec
- Impacket
- Strong knowledge of MITRE ATT&CK framework and adversary simulation.
Preferred Skills
- Certifications such as:
- OSCP
- GPEN
- CEH
- CRTO
- OSEP
- Experience in cloud offensive security (AWS/Azure/GCP).
- Malware analysis or exploit research exposure is an added advantage.
- Experience in secure infrastructure assessments and threat emulation exercises.
Additional Information
- Hard skills and practical offensive security expertise are prioritized over certifications.
- Candidates must be comfortable working from the Mumbai office full-time.
- Immediate joiners or candidates with short notice periods are preferred.
