Lead Offensive Security

Job Description : Lead – Offensive Security

Department : Security Assurance

Experience - 5 years

Salary up to 10 LPA

Location : Kochi

Role Summary

The Lead – Offensive Security is a key member of the Security Assurance Team, responsible for evaluating, testing, and enhancing Lulu Retail’s cybersecurity posture. The role plays a critical part in strengthening IT security, improving cyber resilience, and supporting regulatory compliance across cloud and on-premise environments.

Key Responsibilities

Offensive Security Testing

Plan, execute, and manage periodic offensive security activities, including :

Vulnerability Assessments

Penetration Testing (internal & external)

Wi-Fi Security Testing

Network Segmentation Testing

PCI-DSS ASV Scans

Active Directory Security Audits

Red Teaming / Adversary Simulation

Cloud & Infrastructure Security

Perform cloud security assessments for AWS and Azure , identifying misconfigurations, insecure architecture, and policy gaps.

Evaluate endpoint, network, and application security controls.

Vulnerability & Risk Management

Conduct CVE analysis, risk scoring, and prioritization.

Track remediation progress and verify vulnerability closure.

Ensure all security testing aligns with compliance requirements and internal security standards.

Collaboration & Advisory

Work closely with development, DevOps, infrastructure, and IT support teams to :

Explain identified vulnerabilities

Recommend mitigation strategies and best practices

Support secure design and implementation

Lead meetings with asset owners and project teams to ensure timely remediation.

Reporting & Documentation

Prepare detailed technical and executive-level security assessment reports.

Document findings, recommendations, and remediation timelines.

Required Qualifications

Education

Bachelor’s degree in Computer Science , Information Security , or a related discipline.

Experience

Minimum 3 years of hands-on experience in cybersecurity, penetration testing, or offensive security roles.

Certifications (Preferred)

CEH

ECSA

CHFI

Other recognized offensive security or penetration testing certifications (e.g., OSCP, OSWP, OSCE, GPEN).

Technical Skills

Strong understanding of :

Penetration Testing methodologies

Vulnerability Assessment & Patch Management

Advanced cyber threats and mitigation techniques

Proficiency with IT security tools / platforms :

Anti-malware, Firewalls, IDS / IPS, DLP

Web Proxies, Email Security

Cloud Security (AWS & Azure)

Privileged Access Management

IAM & Identity Security

Experience with frameworks / standards :

OWASP

NIST 800-64

PCI-DSS

ISO 27001

GDPR

Soft Skills

Excellent communication and stakeholder-management skills

Strong analytical and problem-solving abilities

Solid organizational and time-management skills

Ability to work well independently as well as collaboratively within a team