Spectral Consultants
Senior Security Analyst - Threat Hunting (3-5 yrs)
posted 7d ago
Flexible timing
ESSENTIAL JOB FUNCTIONS :
- Typical daily work will consist of performing advanced penetration tests on cloud-based and on-premises infrastructure to identify security weaknesses and loopholes.
- Perform Red teaming / Adversary emulations to simulate sophisticated cyberattacks and assess the effectiveness of existing security controls.
- Conduct Purple team exercises in collaboration with Sec-Ops to assess the effectiveness of defensive measures and incident response capabilities through realistic attack simulation.
- Develop and test custom exploits to demonstrate vulnerabilities and assess the potential impact on systems.
- Execute social engineering attacks, such as phishing or vishing, to evaluate the organization's susceptibility to human-centric threats.
- Perform Breach and Attack Simulations using a BAS platform across the organization's infrastructure.
- Conduct comprehensive cloud penetration tests targeting AWS, Azure, GCP to identify and exploit misconfigurations, insecure interfaces, and vulnerabilities in cloud services and applications.
- Assess and exploit weak IAM configurations, privilege escalation paths, and over-permissioned roles to identify security risks within cloud environments.
- Collaborate with the incident response team to provide insights and support during and after security incidents.
- Regularly review and enhance penetration testing methodologies and practices to adapt to evolving threats and technologies.
- Create detailed reports outlining findings from penetration tests, red team exercises, and vulnerability assessments that include clear, actionable recommendations for remediation and risk mitigation.
MUST HAVE KNOWLEDGE, SKILLS & ABILITIES :
- Ability to establish persistence using tools like Cobalt Strike, Empire, or custom scripts.
- Skills in developing and deploying custom malware or payloads to evade traditional security controls like antivirus and endpoint detection and response (EDR) tools.
- Experience with offensive security tools such as Metasploit, Burp Suite, Nmap, Cobalt Strike, Wireshark, and Kali Linux for conducting vulnerability assessments and penetration testing.
- Ability to design and execute social engineering and phishing attacks to assess organizational awareness and vulnerability to human factor exploits.
- Familiarity with common reconnaissance, exploitation, and post-exploitation techniques.
- Proficiency in testing web applications for vulnerabilities such as SQL injection, cross-site scripting (XSS), cross-site request forgery (CSRF), and other application-level attacks.
- Strong collaboration, communication, and interpersonal skills, with the ability to work effectively with cross-functional teams, communicate complex technical concepts to non-technical stakeholders, and build consensus around security initiatives.
- Solid understanding of emerging threats, vulnerabilities, and exploits and an ability to think outside the box and emulate adversarial approaches.
- In-depth knowledge of major cloud platforms (AWS, Azure, GCP), including their security models, IAM roles, virtual private cloud (VPC) configurations, and cloud-native security tools.
- Expertise in discovering and exploiting common cloud misconfigurations, including insecure storage buckets, overly permissive IAM roles, and weak security group rules.
- Ability to design cloud-specific threat models and conduct red teaming exercises that simulate advanced attacks on cloud environments to evaluate organizational defenses.
GOOD TO HAVE KNOWLEDGE, SKILLS & ABILITIES :
- Excellent independent (self-motivational, organizational, personal project management) skills.
- High expertise in performing offensive security assessments and penetration testing in cloud environments, identifying vulnerabilities, misconfigurations, and exploitation vectors unique to cloud infrastructures.
- Knowledge of DevSecOps practices and experience in assessing and securing Infrastructure as Code (IaC) tools and templates (e.g., Terraform, CloudFormation) to prevent vulnerabilities in cloud deployments.
- Knowledge of vulnerability management and scanning best practices, such as the CVE database and the CVSS system used for scoring vulnerabilities.
- Experience with Breach and Attack Simulation (BAS) tools such as Cymulate, Pentera, SafeBreach, etc. is a plus.
Functional Areas: Software/Testing/Networking