Job Description
Employment Type: Full-Time
Experience: 3–6+ Years
About The Role
We are looking for a highly skilled Application Security / Offensive Security Engineer with a strong Red Team mindset to join our team. The role involves advanced penetration testing across Web, Mobile (Android & iOS), and APIs, focusing on real-world exploitation, vulnerability chaining, and bypassing modern security controls such as WAFs and client-side protections. If you thrive on deep technical challenges, scripting, and continuous research into emerging attack techniques, this role is for you.
Key Responsibilities
• Perform in-depth Web, Mobile, and API penetration testing with emphasis on exploitation and chaining vulnerabilities.
• Conduct Red Team-style application assessments across WAPT, MAPT, and API engagements.
• Develop custom scripts and tools to automate testing and bypass client-side security controls.
• Research and implement WAF evasion and bypass techniques.
• Reverse-engineer client-side and backend application logic.
• Identify business logic flaws and advanced attack paths.
• Deliver high-quality technical reports with reproduction steps, impact analysis, and remediation guidance.
• Stay updated with the latest vulnerabilities, attack techniques, and frameworks.
• Collaborate with development and security teams for secure design reviews and remediation.
Required Skills & Qualifications
• Strong hands-on experience in Web, Mobile (Android/iOS), and API Penetration Testing.
• Solid understanding of OWASP Top 10 (Web, Mobile, API).
• Experience with Java and JavaScript debugging.
• Ability to read, understand, and analyze JavaScript and Python code.
• Proficiency in Python (or equivalent scripting language) for automation and bypass tooling.
• Knowledge of modern web frameworks (React, Angular, Vue, Node.js, Spring Boot).
• Strong grasp of authentication, authorization, session management, and token-based security (OAuth, JWT, SAML).
• Familiarity with WAF technologies and bypass methodologies.
• Hands-on experience with Burp Suite, Frida, Objection, Postman, and mobile reversing tools.
Preferred Certifications
• OSCP
• eWPTX / eMAPT
• CRTP
Behavioural & Professional Attributes
• Strong research-driven and attacker mindset.
• Ability to work independently and lead complex security engagements.
• Excellent documentation and communication skills.
• Detail-oriented with a passion for deep technical problem-solving.
• Capability to mentor junior security testers.
Why Join Us?
• Opportunity to work on cutting-edge offensive security projects.
• Exposure to advanced Red Team engagements.
• Collaborative environment with continuous learning and growth.
💡 Quick Summary
Seeking a career-building opportunity? The Red Team Specialist – I position is now open for candidates interested in the IT Engineer & Developer Jobs sector. This role in Mumbai offers a professional environment and growth potential.
Requirement Snapshot: Candidates should possess basic communication skills, a proactive attitude, and the ability to work in a team. Experience in IT Engineer & Developer Jobs is a plus.
