Senior Penetration Testing Specialist
India Calicut
Posted date : 2025-12-09
Job type : Full time
Reference : JSS-IT-1049
Overview

neXavault, the cybersecurity arm of John & Smith Solutions, is a CERT-In and CREST approved organization leading India's offensive security landscape. With offices across India (Kozhikode, Kochi, Trivandrum, Bangalore, Hyderabad, Mumbai, Noida) and an international presence in the Middle East and UK, we're trusted by digital banking platforms, fintech innovators, and critical infrastructure providers for our advanced security testing capabilities.

Job Description

We're seeking a highly skilled Senior Penetration Testing Specialist to lead our offensive security practice. You'll work on challenging engagements including critical infrastructure. This is a hands-on technical role for someone passionate about breaking systems and finding vulnerabilities before malicious actors do.

Key Responsibilities

  • Execute advanced penetration testing across web applications, mobile apps, APIs, thick clients, and network infrastructure

  • Perform in-depth source code reviews for Java, .NET, Python, Node.js, and mobile applications

  • Conduct red team operations and adversary simulation exercises

  • Develop custom exploits and proof of concept code

  • Lead cloud security assessments (AWS, Azure, GCP)

  • Perform IoT and OT security testing for specialized clients

  • Mentor junior penetration testers and develop team capabilities

  • Create comprehensive technical reports with actionable remediation guidance

  • Research emerging attack vectors and develop new testing methodologies

Essential Requirements

  • Experience: 6-10 years of hands-on penetration testing experience

  • Certifications: At least two from - OSCP, OSCE, OSWP, GPEN, GWAPT, GMOB, CRTP

  • Technical Mastery:

    • Expert-level proficiency with Burp Suite Pro, Metasploit, Cobalt Strike

    • Strong exploitation skills across Windows, Linux, and mobile platforms

    • Proficient in Python, Bash, PowerShell for tool development

    • Deep understanding of OWASP Top 10, SANS Top 25, MITRE ATT&CK

    • Experience with container and Kubernetes security



  • Specialized Skills:

    • Web application exploitation (SQLi, XXE, SSRF, Deserialization, etc.)

    • Mobile application security testing (iOS/Android)

    • Active Directory exploitation and lateral movement

    • Cloud-native application testing

Preferred Qualifications

  • CREST certification (CRT, CCT, CPSA)

  • Published CVEs or acknowledged bug bounties

  • Security research publications or conference presentations

  • Experience with automotive, IoT, or OT security testing

  • Exploit development and reverse engineering skills

  • DevSecOps and CI/CD pipeline security

What We Offer

  • Competitive Package

  • Cutting-edge Projects: Work on high-stakes VAPT engagements for banking and fintech clients

  • Tool Access: Licensed versions of premium security tools and cloud labs

  • Research Time: Dedicated time for security research and tool development

  • Continuous Learning: Funding for advanced certifications and training

  • Conference Participation: Support for attending and speaking at security conferences

  • Global Exposure: International client projects in the Middle East, US and UK markets

Location

Primary: Kochi/Kozhikode, Kerala

How to Apply

Send your detailed CV along with:

  1. Your HackTheBox/TryHackMe profile or CTF achievements

  2. Brief write-up of your most interesting vulnerability discovery

  3. GitHub link to any security tools you've developed

 
