Cyber Security Engineer – Offensive Security

Role Overview:

We are seeking a skilled and passionate Cyber Security Engineer – Offensive Security to join our team. The ideal candidate will have practical experience in Web Application and API Penetration Testing, identifying security vulnerabilities, and providing remediation recommendations. You will work with our security consultants to deliver high-quality security assessments for clients across various industries.

Key Responsibilities

  • Perform Web Application and API Penetration Testing.

  • Conduct vulnerability assessments and security testing using industry-standard tools.

  • Identify, validate, and document security vulnerabilities.

  • Prepare detailed technical reports with risk ratings and remediation recommendations.

  • Perform security testing in accordance with industry best practices and recognized methodologies.

  • Collaborate with development teams to support vulnerability remediation.

  • Stay up to date with the latest cyber security threats, attack techniques, and security trends.

  • Contribute to internal security research and continuous improvement initiatives.

Requirements

  • Bachelor’s degree in Cyber Security, Computer Science, Information Technology, Software Engineering, or a related field.

  • Professional certifications such as OSCP, eJPT, PNPT, CEH, GWAPT, CPTS, or other relevant penetration testing certifications would be an added advantage

  • Minimum 2 years of industry experience in offensive security or penetration testing.

  • Hands-on experience in Web Application and API Penetration Testing.

  • Strong understanding of the OWASP Top 10, OWASP API Security Top 10, and secure coding concepts.

  • Familiarity with scripting languages such as Python, Bash, or PowerShell.

  • Good knowledge of security testing methodologies and the NIST Cybersecurity Framework.

  • Experience using security testing tools such as Burp Suite, OWASP ZAP, Nmap, SQLMap, or similar.

  • Strong analytical, problem-solving, and report-writing skills.

  • Excellent communication and teamwork abilities.

  • Experience with mobile application, network, cloud, or Active Directory security assessments.

  • Experience in software development would be an added advantage

What We Offer

  • Opportunity to work on challenging and diverse cyber security projects.

  • Exposure to enterprise security technologies and modern testing methodologies.

  • Continuous learning and professional development opportunities.

  • Collaborative and innovative work environment.

  • Competitive remuneration and career growth opportunities.

Application Instructions:

Please email your CV to [email protected] with the subject line: DevSecOps Engineer – Intern <Your Name>
  • (Example: DevSecOps Engineer – Intern Sachith Fernando)