Principal Security Consultant (Gurugram)

About Claranet Founded at the beginning of the dot.com bubble in 1996, our CEO Charles Nasser had a light bulb moment to develop a truly customer-focused IT business. Since then, Claranet has grown from an Internet Service Provider (ISP) in the UK to being one of the leading business modernisation experts, who deliver solutions across 11+ countries. At Claranet, we’re experienced in implementing progressive technology solutions which help our customers solve their epic business challenges. We’re committed to understanding their problems, delivering answers quickly, and making a lasting impact to their business. We are agile, focused and experienced in business modernisation. Our approach helps customers make genuine, significant shifts in their business strategy, to deliver financial savings, boost innovation, and create a resilient business. We continually invest in our people and the latest technologies, so our customers get peace of mind knowing that they have access to the best talent and services. In the UK we have over 500 staff working in London, Gloucester, Warrington, Leeds or as homeworkers and 130 staff working for global projects Working For Claranet Here at Claranet we pride ourselves on going the extra mile for and with our employees (yes, we really mean it). We offer an extensive benefits package that you can tailor to your needs, inclusive of a matching contribution pension scheme, healthcare, insurance, gym and other benefits. But what we think makes us different is ‘Team Claranet,’ our dedicated internal part of the business that supports you with matters close to your heart. Our Vision Our vision is to become the most trusted technology solutions partner; renowned for being the best and brightest, having lasting impact with our customers and delivering exceptional returns to our stakeholders. Position Summary The Principal Security Consultant is responsible for leading and delivering high-impact security training programs while supporting advanced penetration testing engagements. This role is primarily focused on building and delivering practical, hands-on training that enhances offensive security capabilities and secure development across client organizations. The successful candidate will be passionate about both offensive security and education—capable of not only discovering advanced attack paths but also clearly communicating them through engaging, developer-focused training. Strong client engagement skills are essential, including the ability to deliver strategic security guidance and build long-term relationships through high-quality consulting and training delivery. Our team is growing, and we are looking for individuals who can help us continue to build a world-class cyber security practice while contributing to the development of our training capabilities and technical excellence. Based in India, this role will lead penetration testing engagements and deliver training for global clients, working as part of an international team of security consultants who actively collaborate on research, tooling, and knowledge sharing. As a respected training provider and a leading contributor to Black Hat conferences, this role provides opportunities to design and deliver training to private clients, at industry events, and at international conferences. In addition to delivery, the consultant will play a key role in developing and evolving technical training content, including hands-on labs, vulnerable applications, demonstrations, and course materials aligned with modern attack techniques. The role also involves mentoring junior consultants, contributing to internal capability building, and helping shape the next generation of security testers and trainers within the organization. Candidates with experience delivering advanced hands-on training, presenting at industry events, or conducting technical workshops are strongly encouraged to apply. Objectives & Key Results The Principal Security Consultant is a senior member of the Consultancy Team, acting as a trusted advisor, technical leader, and subject matter expert in cybersecurity, with a robust emphasis on delivering and scaling high-impact security training. The key objectives will be to:
- Deliver high-impact security training programs across private clients, public events, and industry conferences, with a focus on Web Security, Dev SecOPS and Application Security enabling participants to effectively identify and remediate real-world vulnerabilities
- Continuously develop and enhance training content, labs, and vulnerable applications to reflect the latest offensive security techniques and emerging threats, including AI/LLM
- Lead and execute advanced penetration testing engagements across web, mobile, API, secure code review to identifying complex attack paths and security weaknesses
- Perform secure code reviews, including SAST/DAST assessment
- Provide clear, actionable, and risk-based security recommendations to clients, effectively communicating technical findings to both technical and non-technical stakeholders
- Build and maintain strong client relationships by acting as a trusted security advisor and delivering consistently high-quality consulting and training services
- Mentor and develop junior consultants, contributing to internal capability building, knowledge sharing, and the growth of future trainers within the organization Essential Roles & Responsibilities
- Demonstrated ability to develop and deliver technical security training, including hands-on workshops and lab-based courses for enterprise customers or public audiences
- Experience designing training content, including vulnerable applications, attack labs, demonstrations, and courseware based on real-world penetration testing scenarios
- Work individually or as a part of team delivering security assessments to Not SoSecure clients both remotely and onsite
- Perform web, infrastructure, mobile, AI/LLM penetration testing and secure code reviews
- Exploit vulnerabilities identified in client systems and communicate vulnerabilities to customers
- Create assessment reports explaining technical and business risk of the vulnerabilities discovered including remediation recommendations for the clients
- Manage project related tasks as per communicated deadlines
- Keep abreast with latest technology risks and utilise them in projects
- Participate in project conference calls and lead the technical content on those calls Key Skills & Requirements
- Extensive experience in Information Security with strong expertise in penetration testing and application security
- Established in designing and delivering technical security training for security professionals, developers or Dev SecOps
- Proven ability to build structured training programs, including hands-on labs, vulnerable applications, and real-world attack simulations
- Demonstrated ability to create structured training programs, including hands-on labs, vulnerable applications, and real-world attack scenarios
- Strong ability to simplify and communicate complex security concepts and vulnerabilities to technical and non-technical audiences
- Hands-on expertise in web, API, mobile, and AI/LLM penetration testing, with the ability to demonstrate real-world exploitation techniques during training
- Experience performing secure code reviews and translating findings into developer-focused remediation guidance
- Solid understanding of modern application architectures, secure SDLC practices, and Dev SecOps principles
- Proficiency with security testing tools such as Burp Suite Pro, Kali Linux, SQLMap, Nessus, and similar toolsets, with the ability to incorporate them into training delivery
- Strong scripting or programming skills (e.g., Python, Java Script, Bash, Java, .NET) to build training labs, automation, or demonstrations
- Excellent presentation, facilitation, and communication skills, with confidence in delivering training to large and diverse audiences
- Passion for continuous learning and contributing to the security community through research, content creation, or conference presentations
- High ethical standards and professionalism in handling client engagements and training delivery
- Willingness and ability to travel for delivering training sessions, workshops, and conferences (as required) Apply on Kit Job: kitjob.in/job/4m7ej8