About Us
HighRadius, a renowned provider of cloud-based Autonomous Software for the Office of the CFO, has transformed critical financial processes for over 800 leading companies worldwide. Trusted by prestigious organizations like 3M, Unilever, Anheuser-Busch InBev, Sanofi, Kellogg Company, Danone, Hershey's, and many others, HighRadius optimizes order-to-cash, treasury, and record-to-report processes, earning us back-to-back recognition in Gartner's Magic Quadrant and a prestigious spot in the Forbes Cloud 100 List for three consecutive years.
With a remarkable valuation of $3.1B and an impressive annual recurring revenue exceeding $100M, we experience a robust year-over-year growth of 24%. With a global presence spanning 8+ locations and a recent addition in Poland, we're in the pre-IPO stage, poised for rapid growth. We invite passionate and diverse individuals to join us on this exciting path to becoming a publicly traded company and shape our promising future.
Job Title: Sr. Principal Security Engineer
Team: Product Security / Offensive Security
Job Summary:
We are seeking a highly experienced and technically proficient Sr. Principal Security Engineer to lead the offensive security efforts for our applications and platforms. This role is a hands-on, individual contributor position focused on proactive threat emulation, vulnerability research, and full-scope red team operations. You will be responsible for identifying and exploiting complex vulnerabilities across our web applications, APIs, and cloud infrastructure, while simultaneously acting as the top-tier subject matter expert to mentor developers and integrate advanced security controls into the CI/CD pipeline.
Responsibilities:
- Adversary Simulation & Red Team Operations: Plan and execute sophisticated red team operations and adversary emulation exercises to test the resilience of our applications, infrastructure, and defensive capabilities.
- Advanced Penetration Testing: Conduct comprehensive, manual penetration tests and vulnerability assessments, with a focus on discovering business logic flaws and zero-day vulnerabilities in web applications, APIs, and microservices.
- Secure Development Lifecycle: Embed security into the SDLC by performing in-depth code reviews, leading threat modeling workshops (e.g., using STRIDE or PASTA), and providing technical guidance to development teams on remediation of OWASP Top 10 and other critical security issues.
- Security Tooling & Automation: Evaluate, integrate, and manage advanced security testing tools (e.g., Burp Suite Enterprise, SAST, DAST, and SCA) into the CI/CD pipeline to automate security checks and maintain a continuous security posture.
- Vulnerability Research: Stay current with the latest exploits, attack vectors, and security research. Develop custom exploits and scripts using languages like Python or Go to simulate real-world attacks.
Required Qualifications:
Experience:
- 7-10+ years of progressive experience in cybersecurity, with at least 3 years in a dedicated offensive security, red team, or advanced penetration testing role.
- Demonstrated experience with a wide range of attack methodologies and a proven track record of discovering and exploiting complex vulnerabilities.
Technical Expertise:
- Expert-level proficiency with manual penetration testing tools, including Burp Suite Professional, Metasploit, and Cobalt Strike.
- Strong practical knowledge of exploit development, reverse engineering, and hands-on experience with at least one scripting language (Python, Go, JavaScript, or Bash).
- In-depth understanding of web application vulnerabilities, including the OWASP Top 10, CWE, and CVE databases.
- Experience securing cloud environments (AWS, Azure, GCP) and working with containerization technologies (Docker, Kubernetes).
- Familiarity with both dynamic and static application security testing (DAST and SAST) methodologies.
Soft Skills & Education:
- Exceptional problem-solving, analytical, and critical-thinking skills.
- Excellent communication and mentoring skills, with the ability to explain complex technical vulnerabilities to both technical and non-technical audiences.
Certifications (Highly Desired):
- Offensive Security Certified Professional (OSCP)
- Offensive Security Certified Expert 3 (OSCE3)
- GIAC Penetration Tester (GPEN) or GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
- eLearnSecurity Web Application Penetration Tester eXtreme (eWPTXv2)
- CISSP
Skills Required:
Go, AWS, Bash, Python, Kubernetes, Azure, Docker, GCP, Metasploit, JavaScript