Bestkaam Logo
Back to Jobs
NowOnline Tech India Pvt ltd

AI Pentester

Actively Reviewing

NowOnline Tech India Pvt ltd

Gandhinagar Full-Time 4–8 yrs exp Posted 1 month ago  · Apply by Jul 18, 2026

Job Description:

We're looking for an Offensive Security Engineer / AI Pentester to join our dynamic and fastest-growing security team.

Roles and Responsibilities

●      Perform advanced penetration testing on web applications, APIs, cloud environments, mobile apps, and enterprise infrastructure.

●      Conduct AI-based penetration testing and adversarial assessments against LLMs, AI agents, autonomous workflows, and AI-integrated platforms.

●      Simulate real-world attack chains including prompt injection, jailbreaks, tool abuse, indirect prompt injection, memory poisoning, and agentic exploitation.

●      Identify business logic flaws, second-order vulnerabilities, authentication bypasses, and chained exploitation paths.

●      Execute red team operations and emulate sophisticated threat actors.

●      Develop custom offensive tooling, automation, and AI-assisted attack workflows.

●      Perform source code review and security architecture assessments.

●      Research emerging attack vectors in AI security, autonomous agents, MCP integrations, and GenAI ecosystems.

●      Collaborate with development and security teams to provide actionable remediation guidance.

●      Prepare detailed penetration testing reports with comprehensive findings, risk ratings, remediation strategies, and proof-of-concept demonstrations.

●      Stay updated with the latest security trends, vulnerabilities, attack vectors, and AI security research.

Required SkillsCore Penetration Testing Expertise

●      Strong expertise in Web, API, Cloud, and Network Penetration Testing.

●      Deep understanding of OWASP Top 10, API Security Top 10, and modern attack methodologies.

●      Experience with tool-based and manual penetration testing methodologies.

●      Experience in white box, grey box, and black box testing approaches.

●      Source code review and secure code analysis capabilities.

●      Experience in SAST and DAST tools with understanding of common software security issues and remediation techniques.

AI/LLM Security Expertise

●      Prompt Injection attacks and variations.

●      Jailbreak techniques and model manipulation.

●      AI Agent exploitation and autonomous workflow attacks.

●      Retrieval poisoning and context manipulation.

●      Tool/Plugin abuse and API integration vulnerabilities.

●      Multi-agent attack chains and indirect exploitation paths.

Tools & Technologies

●      Proficiency with Burp Suite, Nuclei, Metasploit, BloodHound, Sliver, Mythic, and other offensive security tools.

●      Knowledge of Nmap, Nessus, Kali Linux, and network reconnaissance tools.

●      Cloud security tools and AWS/Azure/GCP security assessment experience.

●      Container and Kubernetes security testing capabilities.

Programming & Automation

●      Strong scripting/programming skills in Python, JavaScript, or Go.

●      Ability to develop custom offensive tooling and automation scripts.

●      Experience with shell scripting, Bash, and command-line automation.

Infrastructure & Architecture

●      Cloud security knowledge (AWS, Azure, GCP) including IAM, networking, and data storage security.

●      Container and container orchestration security (Docker, Kubernetes).

●      CI/CD security and DevSecOps environment familiarity.

●      IT infrastructure security audit experience.

Soft Skills

●      Hacker mindset with curiosity, creativity, and a passion for unconventional exploitation paths.

●      Ability to think like a real attacker and uncover non-obvious vulnerabilities.

●      Excellent communication and technical reporting skills.

●      Strong analytical and problem-solving abilities.

Bonus Skills

●      Experience building AI-assisted offensive tooling and automated attack frameworks.

●      Published security research, CVEs, or significant bug bounty achievements.

●      Public security writeups, whitepapers, or conference presentations.

●      Experience with adversarial machine learning or AI red teaming.

●      Knowledge of agentic frameworks (LangChain, AutoGen, CrewAI, MCP, OpenAI Agents SDK).

●      CTF participation or other security competitions.

●      OSCP, OSEP, CEH, CREST CRT, or similar advanced certifications.

What We Value

●      Hacker mindset with genuine curiosity and creative problem-solving approaches.

●      Strong communication and technical documentation skills.

●      Passion for offensive research and emerging AI attack surfaces.

●      Ability to innovate beyond traditional scanning and exploit frameworks.

●      Collaborative spirit and willingness to mentor junior team members.

Key RequirementsQualifications

●      BE/B.Tech in Computer Science, Information Technology, or related field; or equivalent practical experience.

●      Minimum 1-4 years of professional penetration testing and security assessment experience.

●      Demonstrated expertise in conducting security assessments and red team operations.

Certifications (Preferred)

●      OSCP (Offensive Security Certified Professional)

●      OSEP (Offensive Security Web Expert)

●      CEH (Certified Ethical Hacker)

●      CREST CRT (Certified Registered Tester)

●      eJPT (eLearnSecurity Junior Penetration Tester)

Position Details

Designation: Offensive Security Engineer / AI Pentester

Experience Required: 1-4 years

Location: GIFT CITY, Gandhinagar (On-site)

Qualification: BE/B.Tech/MCA/M.Sc./M.Tech in Computer Science or related field

Salary Package: Best in the Industry

How to Apply:

●      Send your CV to: [email protected]

●      Contact: +91 7600235007

●      For inquiries, please mention your penetration testing portfolio, research publications, or CVE contributions.

Join our team and help shape the future of AI security!