Job Description
Experience: 3 to 5 Years
Location: Mumbai (Full-Time | Work From Office)
Industry: BFSI
Certifications: OSCP, CRTP, or equivalent
Tools Exposure: Cymulate, Pycus, or other CART/BAS platforms
Job Summary:
We are seeking an experienced Red Team Specialist with a strong background in offensive security and hands-on experience in conducting Red Team engagements across various vectors. The ideal candidate will be responsible for simulating sophisticated cyber-attacks to test and enhance our clients' detection and response capabilities, especially within the BFSI sector.
Key Responsibilities:
• Plan and execute Red Team engagements simulating realistic threat actor scenarios (external, internal, and physical).
• Conduct assumed breach assessments, initial access simulations, lateral movement, and exfiltration exercises.
• Leverage MITRE ATT&CK framework to design threat scenarios and map findings.
• Exploit misconfigurations and vulnerabilities in Active Directory, cloud environments, and enterprise infrastructure.
• Use and integrate CART/BAS tools like Cymulate, Pycus, or similar platforms to automate and validate security posture.
• Work with Blue Teams to measure detection, prevention, and response capabilities post-engagement.
• Develop comprehensive reports with actionable remediation recommendations.
• Conduct threat emulation based on industry-specific APT groups relevant to the BFSI sector.
• Stay updated on emerging threats, attack techniques, and countermeasures.
• Support internal and client-facing security awareness, purple teaming, and tabletop exercises.
Required Skills & Experience:
• Minimum 5 years of hands-on experience in offensive security / red teaming roles.
• Proficient in TTPs for Red Team operations, including phishing, C2 infrastructure, evasion techniques, privilege escalation, and data exfiltration.
• In-depth understanding of Windows internals, Active Directory attacks (Kerberoasting, Pass-the-Hash/Ticket, ACL abuse, DCShadow, etc.).
• Solid understanding of network protocols, cloud platforms, and endpoint security bypass techniques.
• Familiarity with attack simulation tools, custom scripting, and open-source frameworks (Cobalt Strike, Metasploit, Empire, Covenant, etc.).
• Experience in physical security assessments, badge cloning, RFID/NFC exploitation, and social engineering (preferred).
• Strong knowledge of MITRE ATT&CK, NIST , and equivalent frameworks.
• Ability to document findings, map them to risk frameworks, and present to both technical and executive stakeholders.
Preferred Qualifications:
• OSCP, CRTP, or similar offensive security certifications.
• Prior experience in BFSI sector engagements.
• Understanding of compliance and regulatory requirements in financial institutions (e.g., RBI, SEBI, ISO 27001).
Additional Expectations:
• Excellent analytical and problem-solving skills.
• Strong communication skills for stakeholder management and post-engagement debriefs.
• Ability to work in high-pressure environments and coordinate with cross-functional teams.
💡 Quick Summary
Seeking a career-building opportunity? The Assistant Manager | Red Teaming | | Cyber Defense & Resilience position is now open for candidates interested in the IT Engineer & Developer Jobs sector. This role in Mumbai offers a professional environment and growth potential.
Requirement Snapshot: Candidates should possess basic communication skills, a proactive attitude, and the ability to work in a team. Experience in IT Engineer & Developer Jobs is a plus.
