SENIOR ENGINEER - ENGINEER

Position: Application Security Engineer - Red Teaming and Ethical Hacking Specialist - L2.

Location: Navi Mumbai (CBD Belapur).

Experience Required: 5 to 8 Years.
Mandatory Skills: Red Teaming and Ethical Hacking.

Role Objective:

The L2 Specialist shall execute advanced penetration testing and red team engagements and provide technical support to the Level 3 Lead.

Key Responsibilities:

• Execute multi-stage adversary simulations.
• Perform Active Directory exploitation and internal network pivoting.
• Conduct web application penetration testing aligned to Open Web Application Security Project standards.
• Conduct mobile application security testing for Android and iOS.
• Perform vulnerability assessment and follow-up remediation validation.
• Validate detection capabilities of Endpoint Detection and Response and Security Information and Event Management systems.
• Conduct Deep Web and Dark Web monitoring related to the Bank's attack surface.
• Participate in Blue Team exercises.
• Log findings and track closure in incident management portal.

Technical Skills Required:

• Strong expertise in:
  • Privilege escalation and credential harvesting.
  • Lateral movement techniques.
  • Web Application Firewall evasion concepts.

  • Secure code review basics.

    Experience using tools including: Cobalt Strike, Metasploit Framework, Mimikatz, BloodHound, Burp Suite, Nmap, Nessus and Impacket.

Educational Qualification:

• Bachelor's degree in computer science, Information Security, or Engineering (BSc-IT/CS, BE/ B.Tech./BCA).

Essential Certifications (Minimum Two Required):

Any one below certification must mandatorily be:

• Offensive Security Certified Professional issued by Offensive Security.

Additionally, at least one of the following:

• GIAC Penetration Tester.
• Certified Red Team Professional.
• Licensed Penetration Tester issued by EC-Council.
• GIAC Web Application Penetration Tester.

Working Conditions:

• Full-time onsite at Navi Mumbai, CBD Belapur.
• Six days working per week.
• Mandatory working on all Bank working Saturdays.
• Minimum 24 working days per month.
• Availability for extended hours during simulation exercises.