Security Engineer - Pentesting
Role details
Job location
Tech stack
Requirements
Required Qualifications Experience * 5+ years in penetration testing, red teaming, or offensive security * Proven experience testing: Web applications, APIs, and infrastructure * Hands-on exposure to cloud security and enterprise environments Technical Skills * Strong knowledge of: OWASP Top 10 / API Top 10 OWASP Top 10 LLM Network and infrastructure pentesting Identity and Active Directory exploitation * Experience with tools such as: Burp Suite, Metasploit, Nmap BloodHound, Mimikatz, Nessus AI Security * Understanding of: LLM architectures and GenAI use cases RAG pipelines, embeddings, and vector databases * Experience with: Prompt injection testing AI red teaming or model security assessments * Exposure to: LangChain, Semantic Kernel, or similar frameworks Programming * Proficiency in: Python (required) Scripting (Bash/PowerShell) * Ability to develop: Custom testing tools and exploit scripts Preferred Qualifications * Certifications: OSCP, OSEP, or OSCE GPEN, GWAPT, or CRTO Cloud security certifications (AWS/Azure) * Experience with: AI security research or tooling Bug bounty programs or red team operations Key Competencies Strong attacker mindset and creative problem-solving Ability to translate technical findings into business risk Excellent collaboration across engineering and security teams Focus on scalable, repeatable security processes