Twilio

Twilio is a cloud communication company that offers Communication APIs for SMS, Voice, Video, and Authentication, empowering developers to embed communication capabilities into their software applications globally.

Diversified Telecommunication Services
5K-10K
Founded 2008

Description

  • Perform manual and automated penetration testing of web applications, APIs, and mobile apps.
  • Conduct internal and external network and cloud security assessments.
  • Triage and validate findings from scanners and bug bounty submissions, escalating true positives.
  • Perform prompt injection, jailbreak, and other AI/LLM security tests using established checklists.
  • Write high-quality technical reports with clear, reproducible paths to compromise.
  • Maintain and update testing infrastructure and tooling, including Burp Suite and basic C2 listeners.
  • Provide technical remediation guidance to engineering teams for vulnerabilities such as XSS, SQLi, and IDOR.
  • Design and lead multi-week red team operations that emulate real-world threat actors.
  • Build custom payloads, droppers, and obfuscated scripts to bypass detection and maintain stealth.
  • Develop automated testing frameworks for AI systems using tools such as PyRIT, Promptfoo, or Garak.
  • Execute advanced attacks against AWS, Azure, and Kubernetes environments, with focus on IAM and container security.
  • Collaborate with SIRT and Detection Engineering to tune SIEM alerts based on engagement techniques.
  • Oversee the organization’s bug bounty program and identify trends that inform broader security improvements.

Requirements

  • 3–5 years of experience in offensive security, penetration testing, or high-volume bug bounty work.
  • Demonstrated track record of finding high- or critical-severity vulnerabilities in complex environments.
  • Strong understanding of the MITRE ATT&CK matrix and the OWASP Top 10 for web applications and LLMs.
  • Knowledge of post-exploitation concepts such as lateral movement, persistence, and data exfiltration.
  • Understanding of adversarial ML.
  • Proficiency with Burp Suite Professional, Nmap, Metasploit, Wireshark, and similar tooling.
  • Experience with AI security tools such as LangChain and TensorFlow for adversarial testing.
  • Experience using C2 frameworks such as Cobalt Strike, Sliver, Havoc, or similar tools.
  • Ability to write functional scripts in Python or Bash to automate repetitive testing tasks.
  • Proficiency in Python, C++, and scripting for building custom offensive tooling.
  • Advanced certifications such as OSCP, OSEP, OSWE, GXPN, or similar.
  • Telecom experience is preferred.
  • Must be based in India, in one of the following states or regions: Karnataka, Tamil Nadu, Telangana, Maharashtra, or Delhi.
  • Willingness to travel occasionally for project or team in-person meetings.

Benefits

  • Competitive pay.
  • Generous time off.
  • Parental leave and wellness leave.
  • Healthcare benefits.
  • Retirement savings program.
  • Remote-first work arrangement.
  • Opportunities to support volunteering and donation efforts.
