3 Offensive Security Jobs

Dear Candidate, Greetings from Northern Trust! Northern Trust is currently having an exciting vacancy of Associate, Cyber Security position for our Pune location. Your profile seems to be matching the requirement. Please find below the company and job details for your reference Company Details: Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889. Northern Trust is proud to provide innovative financial services and guidance to the worlds most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the worlds most sophisticated clients using leading technology and exceptional service. Job Role: Associate, Cyber Security Job Location: Pune Experience: 4 to 8 years Skills: Security operations, Offensive Security, ServiceNow, OSCP Job Description: Role/ Department: The Purple Team Analyst will work as part of the wider Global Threat Management team in the continuous development of the cyber operations program. The purple team will work very closely with The Global Threat Management Team. The Global Threat Management Team is responsible for vulnerability management, threat technology management and security monitoring. The key responsibilities of the role include: Working with the wider technology teams to improve technology hygiene and reduce the attack surface. Design and run exercise campaigns based on industry specific threat intelligence and vulnerabilities. Provide continuous learning and training opportunities for the Global Threat Management team as a result of continuous exercise campaigns. Act as an integral driver of the cyber operations development programme, benchmarking results against industry standard frameworks including MITRE and NIST. Configure and safely utilize attack tools, tactics, and procedures against a simulation lap. Develop scripts, tools, or methodologies to enhance purple teaming capabilities. Help to execute the Purple Team strategy to further enhance the security posture of the firm. Effectively communicate findings and strategy to stakeholders including technical staff, executive leadership. Skills/ Qualifications: Relevant experience in information security and adversary simulation. Detailed knowledge of global cyber threats, threat actors, and the tactics, techniques and procedures used by cyber adversaries, specifically those targeting the financial services sector. Experience in large scale information technology implementations and operations preferred. Industry certifications such as OSCP, OSCE, OSWE, GPEN, GCIH, GWAPT, or GXPN. Proficient in exploitation and post exploitation frameworks such as Cobalt Strike, Metasploit Framework, Empire. Proficient in one or more of the following scripting languages (Python, PowerShell, Bash, Ruby) Advanced knowledge of Windows Operating System architecture and internals. Strong knowledge of core Information Technology concepts such as TCP/IP networking, Windows & Active Directory, Unix/Linux, Mainframe, Cloud Service Providers, Relational Databases, Data Warehouses, and filesystems. If you are interested to pursue this opportunity further, kindly respond back with your resume and details at the earliest. Regards, Northern Trust Talent Acquisition Team

Location: Mumbai (Candidates should be born and brought up in Mumbai) Experience: 5-7 years Notice Period: Immediate to 30 days ________________________________________ We are seeking a Pen tester (Penetration Testing) to join our cybersecurity team. The ideal candidate will have proven experience in penetration testing, vulnerability assessment, and offensive security operations. Key Responsibilities: Conduct penetration testing on web applications, ERP, SAP systems, and infrastructure assets. Draft business risk-oriented reports and assist teams in mitigating identified vulnerabilities. Contribute to the creation and implementation of security tools to secure the Saint-Gobain environment. Participate in Red Team and Purple Team exercises. Define and implement quality and performance metrics for the cybersecurity roadmap. Qualifications: Educational Background: Bachelors degree in Computer Science or Information Security; relevant certifications (e.g., OSCP, CRTP, CompTIA Security+) are a plus. Technical Expertise: Hands-on experience in web application and API penetration testing tools. Knowledge Areas: o Strong understanding of OWASP Top 10 or SANS Top 25. o Familiarity with malware, TCP/UDP packets, IDS/IPS, web proxies, SIEM, DNS security, and firewalls. o Basic knowledge of ERP and SAP systems. o Mobile and thick client application penetration testing. Skills: Scripting experience (e.g., Python, Bash, Powershell, C#) for automation. Participation in CTF challenges (Hack the Box, Root Me, TryHackMe) is a plus.

Job Description Do you want to lead teams that find and exploit security vulnerabilities in Fortune 100 companies, critical infrastructure, and public sector agencies impacting millions of users? Join Securins Offensive Security Team where you'll emulate real-world attacks and oversee advanced offensive operations. We are a cross-disciplinary group of red teamers, adversarial AI researchers, and software developers dedicated to finding and fixing vulnerabilities across critical digital ecosystems. Role & responsibilities - Lead and perform advanced offensive security assessments, including Red Team operations, threat-based evaluations, and vulnerability exploitation. - Supervise and mentor a team of offensive engineers, manage task prioritization, and ensure high-quality delivery. - Execute Red Team operations on production systems, including AI platforms, using real-world adversarial tactics. - Provide strategic and technical security guidance to internal and external stakeholders. - Collaborate cross-functionally to integrate findings into enterprise detection and defense strategies. - Research and develop adversary TTPs across the full attack lifecycle. - Build tools to automate and scale offensive emulation and vulnerability discovery, utilizing AI/ML systems. - Continuously evaluate and enhance assessment methodologies and frameworks used by the team. - Contribute to the security community through publications, presentations, bug bounties, and open-source projects. Required Qualifications - 5+ years of experience in offensive security, red teaming, or penetration testing with at least 1 year in a leadership role. - Bachelors or Masters degree in Computer Science, Computer Engineering, or relevant field; or equivalent experience. - Expert knowledge of offensive security tactics, threat modeling, APT emulation, and Red Team operations. - Strong understanding of MITRE ATT&CK framework and exploitation of common vulnerabilities. - Proficiency in one or more programming/scripting languages (Python, Go, PowerShell, C/C++, etc.). - Hands-on experience with penetration testing tools such as Metasploit, Burp Suite Pro, NMAP, Nessus, etc. - Familiarity with security in cloud environments (AWS, Azure, GCP) and across Windows/Linux/macOS platforms. - Ability to clearly articulate findings to technical and executive audiences and lead mitigation efforts. - Authorization to work in the country of employment at time of hire and ongoing during employment. Preferred Qualifications - Certifications like OSCP, OSCE, OSEP, CRTO, or equivalent. - Experience with Purple Team operations and threat intelligence integration. - Track record in CTF competitions or bug bounty programs. - Reverse engineering experience or malware analysis expertise. - Exposure to Responsible AI and adversarial machine learning. - Participation in AI Village at DEFCON or similar security research events. - Publications or contributions to conferences such as AISec, NeurIPS, FAccT, or IC4. Other Requirements Ability to meet Securin, customer, and/or government security screening requirements. This includes a background check at the time of hire/transfer and every two years thereafter. Who Should Apply You have experience executing technical research and offensive security strategies with teams. You are skilled in experimental security science and confident in building your own tools. You clearly communicate findings, are mission-driven, and want to drive change in AI and cybersecurity. Role-Specific Policy This hybrid role requires in-office presence at least 50% of the time. Locations: Chennai, Tamil Nadu (India)