Job Description: Senior Consultant – Offensive Security (VA/PT, Red Team, AD, Cloud)
Location: Noida (preferred) / Remote
Experience: 7–12+ years in security assessment
Role Summary
We are seeking a Senior Consultant – Offensive Security to lead and deliver end-to-end offensive security engagements including Vulnerability Assessments (VA), Penetration Testing (web and infrastructure), Red Teaming/purple teaming, Attack Surface Discovery, Active Directory (AD) security assessments, and Cloud Security assessments (AWS/Azure/GCP). This role requires strong hands-on testing expertise, ability to scope and manage complex engagements, produce high-quality reports, and communicate risk and remediation guidance effectively to both technical and executive stakeholders.
Key Responsibilities
1) Delivery & Technical Execution
- Lead and execute Vulnerability Assessments across internal/external environments, validate findings, and prioritize risk.
- Perform Web Application Penetration Testing (OWASP Top 10, business logic testing, API security testing).
- Conduct Infrastructure / Network Penetration Testing across enterprise networks, segmentation testing, and security control validation.
- Execute Red Team engagements including adversary emulation, stealthy operations, attack surface discovery, and attack-path discovery; coordinate purple team activities with defenders.
- Conduct Active Directory assessments: privilege escalation paths, tiering model review, delegation abuse, misconfigurations, ADCS weaknesses, lateral movement simulation, and remediation roadmaps.
- Perform Cloud Security Assessments for AWS/Azure/GCP including IAM review, network security, storage exposure, logging/monitoring, KMS/secrets, and cloud-native attack paths.
- Assess container/Kubernetes and CI/CD security (where applicable), including misconfigurations and supply-chain risks.
2) Scoping, Planning & Stakeholder Management
- Own engagement lifecycle: requirements gathering, scoping, rules of engagement, test planning, execution, and closure.
- Work with customers to define objectives, timelines, success criteria, and realistic testing constraints.
- Provide risk-based guidance aligned with business impact and threat models.
3) Reporting & Advisory
- Produce clear, accurate, and actionable deliverables:
  - Executive summaries and risk narratives
  - Technical findings with evidence and reproduction steps
  - Remediation guidance and compensating controls
  - Attack path diagrams and kill-chain mapping (for red team/AD)
- Conduct readouts for technical teams and leadership; support remediation validation / retesting.
- Map findings to relevant frameworks and standards where required (e.g., MITRE ATT&CK, NIST, CIS, OWASP, ISO 27001).
4) Quality, Mentorship & Practice Development
- Ensure consistency and quality across test execution and reporting.
- Mentor junior consultants; provide peer reviews on findings and reports.
- Contribute to internal tooling, checklists, playbooks, and reusable test artifacts.
- Support pre-sales activities: assist with proposals/SOW content, estimates, and solutioning (as needed).
Required Technical Skills
- Strong hands-on experience with:
  - Web App / API testing (authentication, authorization, session management, SSRF, XXE, deserialization, injection classes, business logic, rate limiting)
  - Infrastructure testing (AD environments, Windows/Linux, segmentation, VPN/remote access, common services)
  - Active Directory attack techniques (Kerberos abuse, delegation abuse, credential dumping, misconfigurations, ADCS)
  - Cloud security (AWS/Azure/GCP core services; IAM, networking, storage, logging, key management)
- Proficiency with common tools (examples—equivalents acceptable):
  - Burp Suite, Nmap, Tenable, Metasploit, BloodHound, Impacket, CrackMapExec/NetExec, Responder, Horizon3
  - Cloud tooling: AWS/Azure/GCP CLI, ScoutSuite/Prowler/AzureHound (or similar)
- Scripting/automation: Python, PowerShell, Bash (at least one strong)
- Strong understanding of security concepts: crypto basics, authN/authZ, secure architecture, detection/monitoring fundamentals, threat modeling.
Required Experience & Qualifications
- 7+ years in offensive security / security assessment delivery (VA/PT/red team/AD/cloud).
- Proven experience leading engagements end-to-end and interacting directly with customers.
- Ability to write high-quality reports with clear remediation and prioritization.
- Experience working in enterprise environments with complex networks and identity architectures.
Preferred Skills / Nice-to-Haves
- Experience with EDR evasion tradeoffs, OPSEC, and red-team infrastructure (where allowed by ROE).
- Mobile application testing (iOS/Android), thick client testing, or wireless assessments.
- Kubernetes/container security assessments and CI/CD pipeline reviews.
- Experience with compliance-driven assessments and control validation (SOC2/ISO/CIS benchmarks).
- Familiarity with SIEM/EDR telemetry and detection engineering concepts (for purple teaming).
Certifications (Preferred)
One or more of the following (or equivalent experience):
- OSCP, OSCE/OSWE, OSEP, CRTO, GXPN, GPEN
- AWS Security Specialty / Azure Security Engineer / GCP security certs
- CEH (less preferred unless combined with strong hands-on experience)
Key Competencies
- Strong analytical and problem-solving skills; ability to chain weaknesses into attack paths.
- Excellent communication: can translate technical issues into business risk.
- Independent, organized, and capable of managing multiple engagements.
- High ethics and professionalism; strict adherence to rules of engagement and confidentiality.