Offensive Security Engineer (Pen Tester)

Fynd is India s largest omnichannel platform and a multi-platform tech company specialising in retail technology and products in AI, ML, big data, image editing, and the learning space. It provides a unified platform for businesses to seamlessly manage online and offline sales, store operations, inventory, and customer engagement. Serving over 2,300 brands, Fynd is at the forefront of retail technology, transforming customer experiences and business processes across various industries.

At Fynd, we re looking for an Offensive Security Engineer to lead red teaming and penetration testing efforts across our digital ecosystem. You ll simulate real-world attacks, identify complex vulnerabilities, and partner with teams to strengthen our security posture from product design to production. This role is ideal for engineers passionate about adversary emulation, building tools, and driving secure innovation at scale.

What will you do at Fynd

• Conduct deep-dive penetration testing and red team simulations on web, mobile, cloud, APIs, and thick client systems.
• Perform proactive threat modeling during product development to identify design-stage risks.
• Build custom scripts/tools and automate offensive security workflows.
• Report technical findings with clear, actionable remediation strategies.
• Collaborate with engineering and product teams to embed offensive security into the SDLC.
• Stay updated on latest threat techniques, CVEs, exploits, and red team tooling.

Some more requirements

• 5+ years in offensive security, penetration testing, or red teaming.
• Experience with OWASP Top 10, ASVS, MITRE ATT&CK, and threat modeling frameworks.
• Hands-on with cloud platforms (AWS/GCP/Azure), thick clients, and secure app architecture.
• Proficiency in scripting (Python, Go, Bash) and tools like Burp Suite, ZAP, Metasploit, Cobalt Strike.
• Strong communication and reporting skills for both technical and business audiences.

Additional Skills

• Experience in ecommerce or AI/ML-driven platforms.
• Prior work in vulnerability research, CVE publication, or exploit development.
• Certifications: OSCP, OSWE, OSEP, CRTO or cloud security certs.
• Contributions to open-source tools, blogs, or conferences in the infosec community.

What do we offer

Growth

Growth knows no bounds, as we foster an environment that encourages creativity, embraces challenges, and cultivates a culture of continuous expansion. We are looking at new product lines, international markets and brilliant people to grow even further. We teach, groom and nurture our people to become leaders. You get to grow with a company that is growing exponentially.

Flex University

Learning Wallet: You can also do an external course to upskill and grow, we reimburse it for you.

Culture

Community and Team building activities

Host weekly, quarterly and annual events/parties.

Wellness

Mediclaim policy for you + parents + spouse + kids

Experienced therapist for better mental health, improve productivity & work-life balance

We work from the office 5 days a week to promote collaboration and teamwork. Join us to make an impact in an engaging, in-person environment!