Principal Security Consultant (Remote)

Principal Security Consultant | Claranet Group | Worldwide

About The Role

Our professionals work on everything from client projects to development work and training, dealing with large corporate penetration tests to gaining credit for published advisories. Technical excellence and customer service are key to our work; you will be passionate about finding vulnerabilities while being happy liaising with customers.

Our team is growing, and we need inspiring people to join us and help us build a world-leading cybersecurity operation while benefiting from the opportunity to fulfill their potential.

Based in India, this work will lead on Red Team projects, including threat-hunting. However, it will also be able to work on projects with worldwide clients and form part of our global team of penetration testers who share research, tooling, and experience and collaborate freely on projects.

As a respected training provider and the leading provider of training at Black Hat conferences, our penetration testers also have the option of developing training skills and delivering security training to both private customers, at our events, and at leading international conferences.

Essential duties & responsibilities:

• Plan and execute red team assessments to simulate real-world attack scenarios.
• Conduct thorough and realistic red team assessments to identify vulnerabilities in our organization’s infrastructure, systems, and applications.
• Collaborate closely with the security team and other stakeholders to define the objectives and scope of red team engagements.
• Research and stay up-to-date with the latest attack techniques, tools, and emerging threats to enhance the effectiveness of red teaming activities.
• Develop and execute comprehensive attack scenarios that simulate sophisticated, multi-stage cyber attacks.
• Utilize various tools, technologies, and methodologies to mimic real-world attack vectors, such as social engineering, network exploitation, web application vulnerabilities, and lateral movement.
• Assess the effectiveness of security controls, incident response procedures, and other defensive measures during red team engagements.
• Document and communicate findings, including identified vulnerabilities, attack paths, and recommended remediation measures, in clear and concise reports.
• Collaborate with the security team and relevant stakeholders to prioritize and address identified vulnerabilities and weaknesses.
• Continuously enhance red teaming methodologies, tools, and processes to keep pace with evolving threats and industry best practices.
• Provide guidance, expertise, and training to staff members to contribute to improving the organization’s overall security posture.

About You

Essential:

• 7+ years of experience in information security
• 4+ years of client-facing consulting work experience performing penetration testing.
• Familiarity with common attack vectors, tools, and techniques threat actors use.
• Develop a comprehensive test plan, including goals, targets, and tactics to mimic real-world cyber threats.
• To identify vulnerabilities, conduct simulated cyberattacks, such as phishing, penetration testing, social engineering, and more.
• Utilize various hacking techniques and tools to exploit weaknesses in the organization’s defenses.
• Proficiency in programming and scripting languages (e.g., Python, PowerShell, Ruby).
• Strong understanding of network protocols, web applications, and cloud technologies.
• Certifications such as Offensive Security Certified Professional (OSCP) or Certified Ethical Hacker (CEH) are a plus.
• Ability to work independently and as part of a collaborative team, managing multiple engagements simultaneously and meeting deadlines.
• Strong knowledge of various operating systems, network protocols, and security technologies.
• Assess and enhance the effectiveness of red team methodologies and processes.
• Proficiency in using various offensive security tools, frameworks, and scripting languages (e.g., Metasploit, Cobalt Strike, PowerShell) to simulate attacks.
• Excellent analytical and problem-solving skills.
• Excellent communication skills (written and verbal) with an ability to explain complex topics clearly and concisely to both technical and non-technical audiences.
• Stay proactive in identifying new attack vectors and techniques.
• Knowledge of cloud services and cloud security controls.

Company Benefits:

• Group medical insurance (including parents’ coverage), group term life policy, and personal accidental policy.
• Tax Saving flexible benefits.
• Flexible working hours
• Statutory Benefits (PF, Gratuity)
• International Onsite Travel Opportunities and leading International Conferences.

Tagged as: remote, remote job, virtual, Virtual Job, virtual position, Work at Home, work from home