Offensive Security Researcher (Vulnerability Research and …, Kolkata

Company Overview Globals has drastically grown from a small home office to a globally recognized enterprise offering world-class quality solutions on Cybersecurity, Cyberwarfare, ERP Systems, AI, and Enterprise Application Development for various industries including Defence, Education, Government, Financial Services and Transport Industries. Globals has enabled its customers to be game-changers in their industry through its disruptive and cutting-edge solutions. Globals is certified as a "Great Place to Work" organization for its laudable work culture that helps its team members manage work-life, have dedicated hours to upskill and reskill themselves, and most important to ensure that the projects that they are working on are always unique, challenging their status quo every time. Our unique work culture has made us one of the world’s fastest-growing technology companies as recognized and featured by The Economist. Our excellence in technical stewardship and service-offering expertise has facilitated our clients ranging from individual entrepreneurs to Fortune Global 500 – to explore new business opportunities, reduce their operational costs significantly and boost their revenues. Today, Globals enjoys a strong position in the industry as a high-performing leader through its technology innovation and remarkable domain expertise. Globals is a CMMI Level 3 certified company. About the Job Role: We are seeking a skilled Offensive Security Researcher with 3–4 years of hands-on experience in penetration testing, red teaming, vulnerability research, and exploit development. The ideal candidate will be responsible for identifying and exploiting security weaknesses across a variety of systems, applications, and networks to simulate real-world cyberattacks. This role is critical in strengthening our organization's security posture by providing actionable insights, supporting incident response, and contributing to continuous security improvements. You will work closely with security engineers, blue teams, and development teams to bridge gaps between offense and defense. Responsibilities:
• Conduct vulnerability research to identify and exploit security weaknesses in systems and applications.
• Develop and deploy custom payloads for various platforms and environments for adversarial simulation and red teaming.
• Utilize C2 frameworks to maintain access and control over compromised systems.
• Perform malware reverse engineering to understand and counteract malicious software.
• Identify and exploit vulnerabilities in custom and third-party applications, operating systems, and hardware.
• Research and develop exploits or payloads to demonstrate risk impact on both Windows and Linux environments.
• Create detailed technical reports and executive summaries with remediation recommendations.
• Continuously research emerging threats, attack techniques (TTPs) and reproduce in the test environment.
• Contribute to the development of red teaming tools and frameworks.
• Participate in red team exercises to simulate real-world attacks and test defensive measures.
• Ensure operational security throughout all phases of research and development. Required Qualifications:
• Bachelor's or Master’s degree in Computer Science, Cybersecurity, Information Technology, or equivalent practical experience.
• 3–4 years of professional experience in offensive security and red teaming.
• Familiarity with payload and exploit development techniques for Windows and Linux environments.
• Scripting and automation skills using Python, Bash, PowerShell, or similar languages.
• Strong proficiency with tools such as Burp Suite, Metasploit, Sliver, Cobalt Strike, Nmap, Wireshark, Nessus, and others.
• Expertise in malware reverse engineering using tools like IDA Pro, Ghidra, or Radare2.
• In-depth knowledge of how AV and EDR systems operate, including their detection methods, and proficiency in evasion techniques to circumvent these technologies.
• Deep understanding of MITRE ATT&CK; framework, OWASP Top 10, CWE, and CVSS scoring.
• Experience in red teaming and simulating advanced persistent threats (APTs).
• Understanding operational security practices to maintain anonymity and avoid detection.
• Familiarity with social engineering techniques and phishing campaigns is a plus.
• Relevant certifications are highly desirable (e.g., OSCP, CRTO CEH etc.,). Why Join Us: ▪ Work on high-impact cyber defense and cyberwarfare initiatives. ▪ Publish and present your research to a global audience. ▪ Collaborate with National Cybersecurity Coordinator’s Office, CERT-IN, DRDO, and other National Security Agencies focused on Cybersecurity. ▪ Enjoy flexibility, innovation-driven culture, and recognition for thought leadership Apply on Kit Job: kitjob.in/job/4nbg0o