Advanced Cyber Security Engineer (Pentesting)
We are seeking an Advanced Cyber Security Engineer with 5+ years of hands-on offensive security experience to execute vulnerability assessments and penetration testing across web applications, APIs, cloud environments, infrastructure, and GenAI/LLM-enabled systems. You will work closely with engineering teams to identify exploitable weaknesses, validate risk, and drive remediation through practical guidance and re-testing.
Key Responsibilities
- Plan and execute manual and automated penetration tests for web applications (OWASP Top 10, SANS 25), including authentication, authorization, business logic, session management, and SSO testing (SAML 2.0, OAuth 2.0, OpenID Connect).
- Perform API security testing (REST/GraphQL/gRPC) including schema abuse, authz bypass, injection, mass assignment, rate-limit bypass, and broken object-level authorization (BOLA).
- Conduct cloud security assessments across AWS/Azure/GCP (as applicable): IAM review, storage exposure, network controls, secrets handling, logging/monitoring, and common misconfiguration exploit paths.
- Assess infrastructure security including Linux/Windows hosts, Active Directory, container platforms, Kubernetes; validate privilege escalation and lateral movement paths where authorized.
- Perform GenAI security assessments for LLM/RAG/agentic workflows, including prompt injection, data exfiltration paths, tool/function-call abuse, insecure plugin/tooling, model output handling, and evaluation of guardrails.
- Write high-quality reports with clear reproduction steps, risk ratings, business impact, and actionable remediation guidance; present results to technical and non-technical stakeholders.
- Partner with engineering teams to validate fixes through re-testing and to improve secure-by-design practices.
- Develop and maintain testing playbooks and reusable test cases; mentor junior testers and contribute to internal knowledge sharing.
Required Qualifications
- 5+ years of hands-on experience performing penetration tests and security assessments (web, API, cloud, and infrastructure), with strong manual penetration testing capability.
- Strong web exploitation experience across common vulnerability classes (e.g., injection, SSRF, deserialization, authn/authz flaws, XXE, IDOR, CSRF, and business logic abuse).
- Proven experience testing APIs using tools and custom scripts; ability to interpret OpenAPI/Swagger specs and derive abuse cases.
- Experience conducting cloud security assessments (AWS/Azure/GCP) including networking, and common misconfigurations; familiarity with cloud-native attack paths.
- Experience assessing infrastructure across Linux/Windows, networking fundamentals, and privilege escalation techniques; exposure to AD and container/Kubernetes environments.
- Exposure to GenAI security testing and assessment approaches (prompt injection, RAG data exposure, indirect prompt injection, model/tool abuse, sensitive data handling).
- Develop custom security testing scripts, automated tools, and frameworks to improve testing efficiency and coverage.
- Deep knowledge of OWASP Top 10, SANS Top 25, and common attack vectors.
- Proficiency in penetration testing tools (e.g., Metasploit, Burp Suite, Nmap, Nessus).
- Proficiency with at least one scripting language (Python preferred) for automation and exploit development/support.
- Solid understanding of networking protocols (TCP/IP, HTTP/S, DNS)
- Strong written and verbal communication skills with demonstrated experience producing professional pentest reports.
- Experience working within defined rules of engagement and handling sensitive data responsibly.
Technical Skills & Tools
- Web/API testing: Burp Suite, OWASP ZAP, Postman/Insomnia, custom scripts, fuzzing tools.
- Recon & exploitation: Nmap, nuclei (or similar), Metasploit (as applicable), wordlists, basic reversing/debugging helpful.
- Code & CI/CD: Git, code review for security, SAST/DAST concepts, pipeline security checks.
- GenAI: familiarity with LLM/RAG architectures, evaluation techniques, and security testing patterns for prompt injection and tool/function-call abuse.
Nice to Have
- Experience with adversary emulation/red teaming, phishing simulations, or purple team engagements.
- Experience assessing mobile apps (iOS/Android) and thick clients.
- Threat modelling experience and secure design review participation.
- Experience building security test harnesses for LLM applications (prompt test suites, red-team datasets, model behavior evaluation).
- Bug bounty track record, public research, CVEs, conference talks, or open-source contributions.
- Power BI skills: ability to build security metrics dashboards and reports (DAX basics, data modeling, and visualization best practices).
Certifications (Preferred)
- OSCP (Offensive Security Certified Professional) is strongly preferred.
- Other desired certifications include CISSP, CEH, or GIAC. GWAPT / GPEN (or equivalent)
- Cloud security certifications (e.g., AWS Security Specialty, Azure Security Engineer, GCP Professional Cloud Security Engineer)
Work Style
- Operate independently with ambiguous problem statements and tight timelines.
- Collaborative mindset—able to influence without authority and build strong partnerships with engineering teams.
- High integrity and professionalism when handling sensitive data and access.