Cyber Security Engineer

Exp-6+ years

NP-Immediate to 15 days

Location- Gurgaon

• Skill Set-Experience with threat intelligence and threat modelling.
• Familiarity with security compliance and regulatory frameworks like PCI-DSS, HIPAA, and SOC2.
• Ability to design and implement red team strategies and methodologies.
• Experience in conducting social engineering and phishing campaigns.

JD:

We are looking for an experienced Level 3 Red Team Lead to fortify our cybersecurity defences by simulating sophisticated cyber-attacks and leading penetration testing efforts. The successful candidate will spearhead red team operations, identify security weaknesses, and collaborate with teams to enhance our security posture.

Key Responsibilities:

• Lead and execute advanced penetration testing and red team operations, targeting network, application, and cloud environments.
• Develop and implement red team exercises to simulate real-world attack scenarios.
• Perform in-depth vulnerability assessments and manage remediation efforts.
• Identify and exploit security vulnerabilities using both automated tools and manual techniques.
• Collaborate with blue teams and incident response to improve detection and response strategies.
• Translate findings into clear remediation playbooks (patch/config/hardening/compensating controls) with prioritized backlogs per platform.
• Champion risk-based prioritization using threat intel (e.g., KEV, EPSS), exploit maturity, exposure paths, and asset criticality.
• Provide hardening feedback to endpoint, identity, network, and cloud architects; co-design preventive controls and guardrails.

• Partner with EDR/XDR/SIEM teams to create/validate detections and analytic rules; integrate findings with ticketing/CMDB/GRC for continuous validation.

• Drive automation for scan orchestration, deduplication, and validation (e.g., pre/postremediation checks, CI/CD hooks for security tests).

• Mentor and guide red team members, providing training and development opportunities.
• Stay ahead of emerging cybersecurity threats, tactics, and procedures to continuously improve red team methodologies.
• Produce executive-level summaries and deep technical reports with clear risk framing, exploit chains, and remediation timelines.

Qualifications:

• Bachelors degree in computer science, Information Security, or a related field. A masters degree is preferred.
• 5+ years of experience in penetration testing, red teaming, or advanced threat emulation.
• In-depth knowledge of network, cloud, and application security.
• Proficiency with penetration testing frameworks and tools such as Metasploit, Cobalt Strike, and Burp Suite.
• Advanced certifications such as OSCP, OSCE, OSEE, or equivalent are highly recommended.
• Strong scripting and programming skills (Python, PowerShell, Bash).
• Excellent analytical, problem-solving, and critical-thinking skills.
• Exceptional communication skills, capable of conveying complex security issues to diverse audiences.