Senior Offensive Security Consultant - Banking
Nair Systems
Posted on 15 Sep
Nationality
Any Nationality
Gender
Not Mentioned
Vacancy
1 Vacancy
Job Description
Roles & Responsibilities
Required Qualifications and Experience:
University graduate in a Computer Science subject.
Strong understanding of offensive security concepts and frameworks, including MITRE ATT&CK, vulnerability exploitation, DevSecOps and OWASP Top Ten projects.
Experience managing or integrating SAST, DAST, attack simulation, and container security tools into CI/CD platforms (e.g., Jenkins, GitLab CI, Azure DevOps).
Awareness of current breach and attack simulation platforms and AI-driven CI/CD pen testing solutions and their use cases (e.g., Cytix, SafeBreach, AttackIQ, Cymulate).
Strong knowledge of container and Kubernetes security.
Ability to work independently and manage multiple priorities in a fast-paced environment.
Excellent verbal and written communication skills.
Proven work experience in the UK, US, or Europe.
Key Responsibilities:
Security Tool Management & Integration
Own the deployment, configuration, and maintenance of:
Static Application Security Testing (SAST) tools
Dynamic Application Security Testing (DAST) tools
Breach and Attack Simulation (BAS) tools
Container Security Solutions (e.g., image scanning, runtime protection)
Integrate security tools into CI/CD pipelines to enable automated and continuous security validation.
Monitor tool performance, ensure scalability, and optimize configurations for accuracy and efficiency.
Security Strategy & Enablement
Provide strategic guidance on offensive security practices including:
- Vulnerability identification
- Exploitation techniques
Support red team and penetration testing efforts by enabling tooling and providing technical insights.
Collaborate with development, DevOps, and cloud teams to embed security early in the SDLC.
Container & Cloud Security
Evaluate and enhance the security posture of containerized environments (e.g., Docker, Kubernetes).
Implement container image scanning, runtime protection, and orchestration security best practices.
Work with cloud-native security tools and configurations across AWS, Azure, or GCP.
Autonomous Execution & Ownership
Take full ownership of assigned projects and deliverables with minimal supervision.
Proactively identify gaps in security tooling, processes, or coverage and propose solutions.
Maintain documentation, dashboards, and reporting mechanisms for tool usage and effectiveness.
Communication & Collaboration
Translate technical findings into clear, actionable insights for both technical and non-technical stakeholders.
Present risk assessments, tool evaluations, and remediation strategies to leadership.
Mentor junior team members and contribute to internal knowledge sharing and training initiatives.
Preferred Qualifications and Experience:
Certifications such as OSCP, CRTO, OSCE, or equivalent.
Experience of streamlining SDLC processes and workflows using AI techniques and approaches.
Experience with cloud platforms (AWS, Azure, GCP) and their native security services.
Framework & Boundaries:
Group's overall strategic plan.
Applicable policies and procedures.
Delegated authorities as per the delegation of authority structure.
Instructions of the Head of Cyber Risk Assessments and Group Chief Information Security Officer.
Joining time frame: 2 weeks (maximum 1 month)
Should you be interested in this opportunity, please send your latest resume in MS Word format at the earliest.
Company Industry
- IT - Software Services
Department / Functional Area
- Guards
- Security Services
Keywords
- Senior Offensive Security Consultant - Banking