CrawlJobs Logo

Lead – Offensive Security

India, Kochi · Job Posted February 24, 2026
Apply Position
Job Link Share

Job Description

As a Lead – Offensive Security, you will be part of the Security Assurance Team responsible for evaluating and strengthening Lulu Retail’s cybersecurity posture. This role contributes to the broader objectives of IT security, cyber resilience, and regulatory compliance.

Job Responsibility

  • Plan and execute periodic offensive security testing, including: Vulnerability Assessments Penetration Testing WiFi Security Testing Network Segmentation Testing PCI-DSS ASV Scan Active Directory security audits Red Teaming activities
  • Perform cloud security assessments (AWS & Azure), identifying misconfigurations and architectural flaws
  • Conduct CVE analysis, risk prioritization, and remediation tracking
  • Ensure security testing is conducted on schedule, risks are mitigated and practices align with compliance programs
  • Collaborate with developers, DevOps, and IT teams to remediate vulnerabilities and implement security best practices
  • Generate and deliver comprehensive reports
  • track remediation activities through closure
  • Schedule and lead meetings with asset owners to explain vulnerabilities, share best practices, and recommend remedial actions

Requirements

  • Bachelor’s degree in Computer Science or related field
  • Minimum 3 years of relevant experience in cybersecurity
  • Certifications such as CEH, ECSA, CHFI, or other recognized cybersecurity credentials are highly recommended
  • Strong understanding of Penetration testing and vulnerability/patch management practices and advanced cyber threats and mitigation strategies
  • Proficient in IT security tools and platforms: Anti-malware, Firewalls, IPS, DLP, Web proxies, Email Security, Cloud Security (AWS & Azure), Privileged Access Management, IAM
  • Familiarity with security frameworks and standards: OWASP, NIST 800-64, PCI-DSS, ISO 27001, GDPR
  • Excellent communication and interpersonal skills
  • Strong organizational and time management skills
  • Ability to work both independently and collaboratively in a team environment

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Lead – Offensive Security

8 matching positions

Senior Consulting Director, Offensive Security, Proactive Services (Unit 42)

The Senior Consulting Director, Offensive Security will lead a team of technical...
Location
Location
United States , California
Salary
Salary:
236000.00 - 275000.00 USD / Year
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree with 12 years of experience, Master's degree with 8 years of experience, or PhD with 5 years of experience in Information Security, Computer Science, Digital Forensics, Cyber Security, or a related field
  • Extensive experience managing a team of consultants in the execution of a variety of penetration testing requirements
  • Exceptional communication and interpersonal skills, with the ability to serve as a front-facing representative of Palo Alto Networks, building and maintaining strong relationships with clients and stakeholders
  • Proven ability to draft thorough, articulate reports that convey technically complex material to an executive-level audience, ensuring clear understanding and informed decision-making
  • Experience scoping new opportunities with prospective clients, including drafting statements of work and proposals
  • Hands-on experience and deep understanding of tools and techniques for conducting network, wireless, and web application penetration testing
  • Ability to perform travel requirements as needed to meet business demands (on average 30%)
Job Responsibility
Job Responsibility
  • Provide a direct positive influence on the security posture of the world's most prestigious organizations by leading Unit 42's elite group of cybersecurity professionals in a variety of assessments for our top-tier clientele
  • Orchestrate and manage a dynamic schedule for a large team of elite offensive security specialists, ensuring optimal alignment of skill sets to meet client needs and maximize usage of available billable hours
  • Serve as a mentor to a team of offensive security personnel, maximizing professional development by providing ad hoc technical guidance and aligning employees with appropriate industry-standard training courses
  • Craft policies governing offensive security practices which reflect cutting-edge capabilities of advanced persistent threat actors and enforce security best practices that ensure the safety of our client's environments
  • Fulfill a customer-facing case leadership role for multiple concurrent events, guiding a technically diverse team of personnel through the complex challenges posed by some of the world's largest networks
  • Ensure high quality engagement outcomes and deliverables by providing quality assurance and technical oversight during engagements
  • Provide hands-on support for highly complex offensive security operations, utilizing cutting-edge techniques in technically challenging environments
  • Provide front-line support to the sales team by meeting with clients to clearly articulate various penetration approaches and methodologies to both technical and executive audiences
  • Transform customer requirements into executable statements of work, including a work breakdown structure with accurate estimates of billable hours for each discrete phase of testing
  • Develop scripts, tools, and methodologies to automate and streamline internal processes and engagements
What we offer
What we offer
  • restricted stock units
  • bonus
  • employee benefits
  • Fulltime
Read More
Arrow Right

Staff Engineer, Offensive Security

The Staff Engineer acts as a Technical Lead. You don't just find bugs; you desig...
Location
Location
Ireland
Salary
Salary:
Not provided
stytch.com Logo
Stytch
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7-10 years in offensive security, penetration testing, a high-volume bug bounty background, AppSec, or vulnerability exploitation
  • track record of finding high/critical vulnerabilities in complex environments using pentesting commercial or custom tools
  • Expert Knowledge and solid understanding of the MITRE ATT&CK matrix and the OWASP Top 10 for web applications and top 10 for LLMs
  • post exploitation (lateral movement, persistence, data exfiltration) and Adversarial ML
  • Proficient in OffSec popular tools like Burp Suite professional, Nmap, Metasploit, Wireshark etc... and AI security tools such as LangChain, TensorFlow for adversarial testing or, as well as use of C2 frameworks (Cobalt Strike, Sliver, Havoc) or similar tools
  • Ability to write functional scripts in Python or Bash to automate repetitive testing tasks
  • proficiency in coding and scripting like Python, C++, and scripting for creating custom offensive exploits that avoids signature-based detection
  • Possession of advanced industry certifications such as OSCP, OSEP, OSWE, GXPN or similar training in OffSec tracks is highly desirable
Job Responsibility
Job Responsibility
  • Full-Stack Penetration Testing: Perform manual and automated testing of web applications, APIs, and mobile apps (iOS/Android)
  • Internal/External Network Audits: Conduct network and cloud level assessments with various tooling
  • Vulnerability Validation: Triage and validate reports from automated scanners or bug bounty hunters to eliminate false positives and escalate true positives
  • AI/LLM Probing: Perform initial prompt injection and jailbreak tests on AI prototypes, services, and applications using established checklists (OWASP Top 10 for LLMs)
  • Technical Reporting: Draft high-quality reports that detail the 'path to compromise' with clear, reproducible steps for developers
  • Tool Maintenance: Manage and update the team's testing infrastructure (e.g., Burp Suite, and basic C2 listeners)
  • Remediation Support: Provide direct technical guidance to engineering teams on how to patch vulnerabilities like XSS, SQLi, and IDOR
  • Adversary Emulation: Design and lead multi-week Red Team operations that mimic specific threat actors (APTs) to test the SIRT detection capabilities
  • Custom Exploit Development: Build custom payloads, droppers, and obfuscated scripts to bypass EDR/AV and maintain stealth
  • AI Red Teaming Architecture: Build automated testing frameworks for AI systems (e.g., using PyRIT, Promptfoo, or Garak) to test for models related to sensitive data leakage
What we offer
What we offer
  • competitive pay
  • generous time off
  • ample parental and wellness leave
  • healthcare
  • a retirement savings program
Read More
Arrow Right

Offensive Security Tester

The Offensive Security Consultant role involves leading advanced penetration tes...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 5 years of demonstrable professional experience in penetration testing
  • Strong emphasis on understanding, emulating, and leveraging adversarial tactics and threat intelligence
  • Comprehensive understanding of OT and IT asset profiles, technologies, and security best practice principles
  • In-depth knowledge of network protocols, cryptography, security vulnerabilities, and common attack vectors
  • Demonstrated proficiency in utilizing a wide range of penetration testing tools and methodologies
  • Proven experience in scoping and executing complex penetration tests
  • Exceptional written and verbal communication skills
  • Strong organizational and time management skills
  • Current CREST CRT certification or higher is essential
  • Must hold or be eligible for SC Clearance
Job Responsibility
Job Responsibility
  • Lead and manage the full lifecycle of complex penetration testing engagements
  • Execute advanced penetration tests across a broad range of environments (applications, infrastructure, web, APIs, O365, Azure, AWS, OT)
  • Develop and maintain sophisticated test plans, execution plans, and targeted use cases
  • Identify and prioritize OT and IT assets, services, and systems based on their criticality and potential exposure
  • Strategically prioritize, plan, and schedule penetration testing engagements
  • Produce high-quality, detailed reports
  • Clearly and effectively communicate complex security concepts
  • Collaborate closely with client IT and cybersecurity teams
  • Track the progress of remediation efforts
  • Conduct proactive security research and contribute to the creation of technical content
What we offer
What we offer
  • Tailored benefits that support physical, emotional, and financial wellbeing
  • Continuous growth and development opportunities
  • Flexible work options
Read More
Arrow Right

Staff Offensive Security Engineer

At GEICO, we offer a rewarding career where your ambitions are met with endless ...
Location
Location
United States , Chevy Chase; Palo Alto; Seattle
Salary
Salary:
115000.00 - 230000.00 USD / Year
geico.com Logo
Geico
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Mastery of vulnerability discovery and exploitation across applications, networks, and cloud using tools (e.g., Burp Suite, Metasploit), and custom scripts (Python, PowerShell)
  • Advanced understanding of OWASP, MITRE ATT&CK framework, software development lifecycle (SDLC), threat modeling, red/purple teaming, and attack path development
  • Hands-on experience with tools like Cobalt Strike, Mythic, BloodHound, and AutoSploit
  • Relevant professional security certifications (e.g. from GIAC or others)
  • Proven experience in achieving results efficiently through automation and establishing best practices
  • Proven track record to deliver business outcomes for meeting regulatory and compliance obligations
  • Ability to force multiply through coaching and mentorship to offensive security engineers across all functions (penetration testing, red teaming, purple teaming)
  • 8+ years in engineering focused role, preferably in the tech industry
  • 5+ years of experience in offensive security (penetrating testing, red team, and purple team)
  • 5+ years of hands-on experience performing penetration-testing, red teaming, and purple teaming activities
Job Responsibility
Job Responsibility
  • Lead highly effective large-scale penetration testing initiatives
  • Participate in simulating real-world cyber-attacks (red teaming), and collaborating with defensive security teams (purple teaming)
  • Conduct tactical security penetration test assessments to validate the security of company applications (web, mobile, APIs, and AI products) against OWASP Top 10 threats and work with the Application Security team to provide feedback and recommendations to increase automated capabilities
  • Ensure penetration testing activities are meeting security, business, and compliance objectives and outcomes
  • Design and execute advanced threat emulation scenarios, including physical, social, and digital attack vectors
  • Collaborate with Blue Teams, Threat Intelligence, and Risk Management to ensure comprehensive attack coverage and feedback loops
  • Ensure operations align with industry regulations and compliance standards such as NIST, PCI DSS, and NYDFS
  • Champion continuous improvement and innovation in penetration testing, adversary simulation techniques, tools, and methodologies
What we offer
What we offer
  • Comprehensive Total Rewards program that offers personalized coverage tailor-made for you and your family’s overall well-being
  • Financial benefits including market-competitive compensation
  • a 401K savings plan vested from day one that offers a 6% match
  • performance and recognition-based incentives
  • and tuition assistance
  • Access to additional benefits like mental healthcare as well as fertility and adoption assistance
  • Supports flexibility- We provide workplace flexibility as well as our GEICO Flex program, which offers the ability to work from anywhere in the US for up to four weeks per year
  • Fulltime
Read More
Arrow Right

Principal Consultant - Offensive Security

The Principal Consultant on the Offensive Security team is focused on assessing ...
Location
Location
Japan , Tokyo
Salary
Salary:
Not provided
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years of professional experience leading Red & Purple team engagements, Advanced Attack Simulations, OSINT research, social engineering techniques, bespoke security assessments and exploit development
  • Experience testing a range of technologies (Active Directory, major OSs, cloud environments, IoT / OT) and using a range of security tools and technologies inc AI-enabled to automate and tailor engagements
  • Demonstrate a deep understanding of how malicious software works (i.e.-malware, trojans, rootkits, etc.)
  • Ability to modify known and/or craft custom exploits manually without dependence on consumer tools such as Metasploit
  • Strong knowledge of tools and techniques used to conduct network, wireless, and web application penetration testing
  • Familiarity with web application penetration testing and code auditing to find security gaps and vulnerabilities
  • Experience with penetration testing, administering, and troubleshooting major flavors of Linux, Windows, and major cloud IaaS, PaaS, and SaaS providers (i.e., AWS, GCP, and Azure)
  • Experience with scripting and editing existing code and programming using one or more of the following - Perl, Python, ruby, bash, C/C++, C#, or Java
  • Experience with security assessment tools, including Nessus, OpenVAS, MobSF Metasploit, Burp Suite Pro, Cobalt Strike, Bloodhound, and Empire
  • Knowledge of application, database, and web server design and implementation
Job Responsibility
Job Responsibility
  • Performs client penetration testing to find any vulnerabilities or weaknesses that might be exploited by a malicious party, using open-source, custom, and commercial testing tools - Red Team experience essential
  • Ability to assist in scoping engagements by clearly articulating various penetration approaches and methodologies to audiences ranging from highly technical to executive personnel
  • Report generation that clearly communicates testing and assessment details, results, and remediation recommendations to clients
  • Develop scripts, tools, and methodologies to automate and streamline internal processes and engagements
  • Conducts periodic scans of networks to find and detect vulnerabilities
  • Conducts IT application testing, cybersecurity tool and systems analysis, system and network administration, and systems engineering support for the sustainment of information technology systems (mobile application testing, penetration testing, application, security, and hardware testing)
  • Conduct threat hunting and/or compromise assessment engagements to identify active or dormant indicators of compromise (IoCs) using Crypsis and Palo Alto Networks’ threat hunting tools (and/or client owned hunting instrumentation where applicable)
  • Conduct cloud penetration testing engagements to assess specific workloads (i.e., AWS, GCP, Azure, containers, or other PaaS and SaaS instances) for vulnerabilities and subsequently attempt to exploit identified weakness after receiving permission from client stakeholders
  • Provide recommendations to clients on specific security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks including response and recovery of a data security breach
  • Ability to perform travel requirements as needed to meet business demands
  • Fulltime
Read More
Arrow Right

Staff Offensive Security Engineer

Join us in building the future of finance. Our mission is to democratize finance...
Location
Location
United States , Menlo Park
Salary
Salary:
217000.00 - 255000.00 USD / Year
robinhood.com Logo
Robinhood
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years of Red Team experience
  • Experience mentoring other team members
  • Passion and demonstrated experience for challenging security assumptions
  • Excellent written and verbal communication skills and ability to communicate your findings at many different levels of abstraction from Engineers to Executives
  • Passion for fixing security issues and not just identifying security issues
  • Familiarity with common network protocols and standards such as DNS and TCP/IP
  • Experience with MacOS and Linux
  • Experience with leveraging components of a modern software development stack to attack companies, including CI, container orchestration systems (Kubernetes/Docker), cloud providers (AWS, GCP), etc and be able to give hardening suggestions
  • Experience/knowledge of defensive tools/techniques (IDS/IPS, Packet Capture, Network Analysis, AV, EDR, etc.) and how to evade them
  • Deep understanding of Mitre’s ATT&CK Framework
Job Responsibility
Job Responsibility
  • Evangelize the Offensive Security Team’s Findings and Projects with stakeholders throughout the company and collaborate with other teams to create solutions that balance security with other priorities
  • Mentor and provide guidance to the members of the Offensive Security team
  • Utilize threat modeling to identify threats and shape Red Team priorities and exercises
  • Plan and execute long term, broadly scoped, black box Red Team exercises utilizing vulnerability research, exploit development, and utilizing public proof of concept code
  • Perform penetration testing, code reviews, and design/architecture reviews
  • Write tooling to assist with and automate Red Team assessments
  • Plan and participate in Adversarial Simulation exercises with various security teams
  • Lead Security Incidents when Pentest or Red Team findings require them
  • Publish blog posts and present talks at security conferences
What we offer
What we offer
  • Market competitive and pay equity-focused compensation structure
  • 100% paid health insurance for employees with 90% coverage for dependents
  • Annual lifestyle wallet for personal wellness, learning and development, and more
  • Lifetime maximum benefit for family forming and fertility benefits
  • Dedicated mental health support for employees and eligible dependents
  • Generous time away including company holidays, paid time off, sick time, parental leave, and more
  • Lively office environment with catered meals, fully stocked kitchens, and geo-specific commuter benefits
  • Bonus opportunities
  • Equity
  • Fulltime
Read More
Arrow Right

Senior Offensive Security Engineer

Join us in building the future of finance. Our mission is to democratize finance...
Location
Location
United States , Menlo Park
Salary
Salary:
187000.00 - 220000.00 USD / Year
robinhood.com Logo
Robinhood
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of professional experience in red teaming or offensive security roles
  • Demonstrated ability to communicate security risks effectively across multiple audiences, from engineers to executives
  • Strong programming skills in at least one language (e.g., Python, Go, JavaScript)
  • Deep familiarity with security concepts across MacOS, Linux, cloud platforms (AWS, GCP), CI/CD, and container orchestration systems (e.g., Kubernetes)
  • Experience with detection evasion, vulnerability research, and exploit development
  • Ability to plan and execute long-term, stealthy red team campaigns in black-box environments
  • Strong understanding of MITRE ATT&CK and other industry frameworks
  • Commitment to fixing—not just finding—security issues
Job Responsibility
Job Responsibility
  • Lead and execute red team and Adversarial Simulation exercises to test detection, response, and organizational readiness
  • Perform advanced threat modeling on new and critical services, articulating risk clearly to technical and non-technical stakeholders
  • Conduct penetration testing across infrastructure, applications, networks, and physical environments
  • Collaborate with Detection & Response and Physical Security teams to design and conduct realistic attacker emulations
  • Build tools and automation to improve red team assessments and reporting capabilities
  • Research the latest tactics, techniques, and procedures (TTPs) to inform red team and simulation scenarios
  • Contribute to the security community through blog posts, public talks, or open-source tools
What we offer
What we offer
  • Performance driven compensation with multipliers for outsized impact, bonus programs, equity ownership, and 401(k) matching
  • 100% paid health insurance for employees with 90% coverage for dependents
  • Lifestyle wallet – a highly flexible benefits spending account for wellness, learning, and more
  • Employer-paid life & disability insurance, fertility benefits, and mental health benefits
  • Time off to recharge including company holidays, paid time off, sick time, parental leave, and more
  • Exceptional office experience with catered meals, events, and comfortable workspaces
  • Fulltime
Read More
Arrow Right

Senior Offensive Security Engineer

Join us in building the future of finance. Our mission is to democratize finance...
Location
Location
Canada , Toronto
Salary
Salary:
165750.00 - 195000.00 CAD / Year
robinhood.com Logo
Robinhood
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of red teaming or offensive security experience, with a proven track record of driving impactful outcomes
  • Strong mentorship experience and a passion for developing others
  • Excellent communication skills—able to articulate complex security risks across technical and executive audiences
  • Hands-on experience with MacOS and Linux systems, and familiarity with DNS, TCP/IP, and related protocols
  • Experience attacking and securing cloud platforms (AWS, GCP), CI pipelines, and container orchestration systems (Docker, Kubernetes)
  • Ability to evade modern defensive tools and understand their detection logic (IDS, IPS, AV, EDR, etc.)
  • Proficiency in scripting or programming with Python, Go, or JavaScript
  • Deep understanding of the MITRE ATT&CK framework and adversary TTPs
  • Strong collaboration skills and comfort working on distributed teams with clear documentation practices
Job Responsibility
Job Responsibility
  • Evangelize the Offensive Security Team’s Findings and Projects with stakeholders throughout the company and collaborate with other teams to create solutions that balance security with other priorities
  • Mentor and provide guidance to the members of the Offensive Security team
  • Utilize threat modeling to identify threats and shape Red Team priorities and exercises
  • Plan and execute long term, broadly scoped, black box Red Team exercises utilizing vulnerability research, exploit development, and utilizing public proof of concept code
  • Perform penetration testing, code reviews, and design/architecture reviews
  • Write tooling to assist with and automate Red Team assessments
  • Plan and participate in Adversarial Simulation exercises with various security teams
  • Lead Security Incidents when Pentest or Red Team findings require them
  • Publish blog posts and present talks at security conferences
What we offer
What we offer
  • bonus opportunities
  • equity
  • benefits
  • Fulltime
Read More
Arrow Right