Startup Jobs
Post a Job

Abnormal Security is hiring a

Lead Redteam/Offensive Security Engineer

Bengaluru, India

About the Role

Abnormal Security is looking for a Lead Offensive Security Engineer to join the Security & Privacy team. As a leading cybersecurity company, it is imperative we find, analyze, and remediate vulnerabilities in our products and supporting systems. This role is responsible for proactively identifying vulnerabilities and weaknesses within our systems, network, and applications. Leveraging your expertise in penetration testing, threat modeling, and red teaming, you will conduct comprehensive security assessments to provide actionable recommendations to mitigate risks and strengthen our security posture. 

Who you are

  • Strong oral and written communication skills along with presentation skills; the ability to quickly build rapport with internal and external stakeholders.
  • Analytical skills, with the ability to identify patterns, trends, and anomalies in large and complex data sets.
  • Team player, collaborative work style.
  • High attention to detail, process, and organization.
  • Outstanding analytical skills and exercises good business judgment
  • Demonstrated experience presenting detailed, technical concepts to both technical and non-technical audiences.
  • Results-oriented, values collaboration, self-motivated, and willing to adapt to change in a fast-moving environment.
  • Ability to manage multiple priorities and meet deadlines in a fast-paced environment.
  • Operate within an agile environment and provide leadership to adapt to dynamics in technology, industry, cyber threats, and our own business.

What you will do 

  • Define the strategic direction and goals of the offensive security program in alignment with organizational objectives.
  • Mentor and coach team members, fostering their professional development and growth.
  • Develop and implement threat modeling processes to systematically identify and prioritize potential security threats and attack vectors.
  • Oversee and conduct security assessments, penetration tests, and red team exercises to identify vulnerabilities and weaknesses.
  • Conduct cloud penetration testing engagements to assess specific workloads (i.e., AWS, GCP, Azure, containers, or other PaaS and SaaS instances) for vulnerabilities and subsequently attempt to exploit identified weaknesses after receiving permission from client stakeholders.
  • Design and develop novel threat detection techniques or methodologies, from creating proof-of-concept to productizing the solution.
  • Replicate attacker techniques and tooling to produce samples for use during detection development and for detection validation and gap identification.
  • Collaborate with cross-functional teams to integrate security into the software development lifecycle and ensure compliance with regulatory requirements.

Must Haves 

  • Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security, or equivalent years of professional experience to meet job requirements and expectations.
  • 8+ years of experience in the security domain, including both a detailed understanding of attacker techniques and how to emulate those techniques.
  • Experience with one or many Threat Modeling frameworks and practical application of those frameworks in a SaaS-based environment.
  • Strong understanding of offensive security techniques, tools, and methodologies, with a focus on ethical hacking and proactive threat hunting.
  • Experience with AWS/GCP/Azure cloud exploitation, including assessing security configurations, identifying misconfigurations, and exploiting vulnerabilities in AWS/GCP/Azure environments.
  • Excellent problem-solving skills with a proactive approach to identifying and resolving technical challenges.
  • Ability to write technical reports and communicate technical content to non-technical audiences.
  • Strong interpersonal skills with the ability to effectively communicate technical concepts to both technical and non-technical stakeholders. Proven ability to collaborate with cross-functional teams.

Nice to Have 

  • Advanced degree in Computer Science, Engineering, or Cybersecurity.
  • OSCP, OSCE, GPEN, GCIH, GCPN, GWAPT certifications.
  • Advanced knowledge of testing modern authentication systems and identity provider integrations.
  • Knowledge of DevOps practices and tools for automation, continuous integration, and continuous deployment (CI/CD) pipelines.

 

#LI-MT1

Apply for this job

Please mention you found this job on AI Jobs. It helps us get more startups to hire on our site. Thanks and good luck!

Get hired quicker

Be the first to apply. Receive an email whenever similar jobs are posted.

Ace your job interview

Understand the required skills and qualifications, anticipate the questions you may be asked, and study well-prepared answers using our sample responses.

Offensive Security Engineer Q&A's
Report this job
Apply for this job