Description :
We are looking for a Senior Security Engineer with deep expertise in penetration testing, data security, endpoint security, DLP, compliance, data privacy, ethical hacking, and security research. This role requires a hands-on security mindset, with experience in offensive and defensive security, along with cutting-edge research in vulnerabilities, AI security threats, and threat intelligence.
The core responsibilities for the job include the following :
Security Engineering and Data Protection :
- Conduct penetration testing (pentesting) on cloud, on-premise environments, APIs, and applications.
- Architect and implement Data Loss Prevention (DLP) solutions across endpoints, networks, and cloud environments.
- Secure databases, endpoints, and cloud infrastructure from internal and external threats.
- Strengthen access control, encryption, and data protection mechanisms to prevent breaches.
- Work closely with product and engineering teams to design and implement security-first architectures.
Ethical Hacking and Offensive Security :
Lead red-teaming and adversary simulations against critical infrastructure.Identify zero-day vulnerabilities, exploit development, and reverse engineering.Conduct bug bounty research, responsible disclosures, and ethical hacking to improve product security.Develop and automate custom security testing frameworks to assess AI / ML model security.Security Research and Threat Intelligence :
Research emerging threats, exploit trends, and AI security risks.Stay ahead of zero-day vulnerabilities, malware trends, and data exfiltration techniques.Develop proof-of-concept exploits and contribute to open-source security research.Publish security research, advisories, and contribute to CVE disclosures.Compliance and Data Privacy :
Ensure ISO 27001 SOC 2 GDPR, HIPAA, and PCI-DSS compliance for enterprise security requirements.Work with legal and compliance teams to define privacy frameworks and governance models.Automate compliance monitoring and integrate security controls with SIEM / XDR solutions.Incident Response and Threat Detection :
Detect, analyze, and respond to security incidents in real-time.Perform digital forensics investigations post-breach to analyze attack vectors.Develop playbooks and proactive defense strategies for handling sophisticated attacks.Requirements :
8+ years in cybersecurity, with hands-on experience in pentesting, ethical hacking, data security, and compliance.Strong knowledge of DLP solutions, endpoint security, and secure cloud architectures (AWS / GCP / Azure).Experience in ethical hacking, bug bounty, CTF challenges, red teaming, and vulnerability research.Deep understanding of security frameworks like NIST, CIS, ISO 27001 SOC 2 GDPR, HIPAA, and PCI-DSS.Strong experience in reverse engineering, exploit development, and malware analysis.Proficiency in Python, Bash, PowerShell, or Golang for security automation and scripting.Hands-on experience with offensive security tools (Burp Suite, Metasploit, Kali Linux, Nessus, Wireshark, Nmap, IDA Pro, Ghidra).Good-to-Have Skills :
Experience in AI security (adversarial ML, prompt injection attacks, model security testing).Knowledge of data classification, tokenization, and encryption techniques.Experience with security research, CVE submissions, and zero-day vulnerability hunting.Contributions to open-source security tools, bug bounty programs, and CTF competitions.(ref : hirist.tech)
