Product Security Engineer - Breach & Attack Simulation

Job Description

Company: P.I.V.O.T Security Private Limited Website: pivotsec.in Location: remote Employment Type: Full-time Apply email: [email protected] Role Overview We are seeking an exceptional Product Security Engineer - BAS Developer to join our engineering team and build next-generation breach and attack simulation capabilities. In this role, you will develop sophisticated attack simulation modules, including ransomware emulation components, that help organizations validate their security controls and identify gaps before real attackers do. As a core member of our BAS platform development team, you'll create evasive, production-grade simulation modules that mirror real-world adversary tactics, techniques, and procedures (TTPs) as defined by the MITRE ATT&CK framework. Your work will directly impact how enterprises worldwide test and improve their security defenses. Key Responsibilities Design, develop, and maintain advanced attack simulation modules that replicate real-world adversary behavior Build ransomware simulation modules capable of safely emulating encryption, data exfiltration, and lateral movement techniques Develop evasive modules for Windows environments that can bypass common detection mechanisms (EDR, AV, SIEM) for testing purposes Create attack chains that accurately simulate multi-stage breach scenarios from initial access through impact Implement modules covering the full MITRE ATT&CK matrix including initial access, execution, persistence, privilege escalation, defense evasion, credential access, discovery, lateral movement, collection, and exfiltration - Develop YAML-based detection rules and correlation logic for SIEM/EDR platforms to address current detection gaps identified through attack simulations What you will do: Contribute to our universal agent architecture built in Rust, including learning and working with Rust codebases Develop cross-platform simulation capabilities that run seamlessly across Windows, Linux, and cloud environments Build orchestration logic for coordinating complex, multi-step attack scenarios Implement telemetry and reporting mechanisms to provide detailed simulation results to security teams Ensure modules are stable, reliable, and can run safely in production environments without causing actual harm What we look for: Stay current with emerging threat actor TTPs, APT campaigns, and ransomware trends Translate real-world attack techniques observed in threat intelligence into working simulation modules Research and implement advanced evasion techniques including process injection, DLL hijacking, LSASS dumping, token manipulation, and more Contribute to the continuous improvement of module effectiveness based on detection capabilities Technical Expertise: Strong proficiency in at least two of the following: PowerShell, Python, C++, or C# Demonstrated ability and willingness to learn Rust (our universal agent is built in Rust) Deep understanding of Windows internals , including: Process and thread management Windows APIs (Win32, WinAPI) Registry manipulation Service management File system operations Windows security mechanisms (UAC, AMSI, ETW) Experience with offensive security techniques and red team operations Hands-on experience with common offensive security tools (Metasploit, Cobalt Strike, Mimikatz, BloodHound, etc.) Equal Opportunity P.I.V.O.T Security Private Limited is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. Ready to build the future of offensive security? Apply now and join us in helping organizations defend against tomorrow's threats. Apply email: [email protected] Note: This position requires working with offensive security techniques in a controlled, ethical environment. All simulation modules developed are for legitimate security testing purposes only and must be used in accordance with applicable laws and regulations.