Website:
nowonline.com
Job details:
Job Description:
We're looking for an Offensive Security Engineer / AI Pentester to join our dynamic and fastest-growing security team.
Roles and Responsibilities
● Perform advanced penetration testing on web applications, APIs, cloud environments, mobile apps, and enterprise infrastructure.
● Conduct AI-based penetration testing and adversarial assessments against LLMs, AI agents, autonomous workflows, and AI-integrated platforms.
● Simulate real-world attack chains including prompt injection, jailbreaks, tool abuse, indirect prompt injection, memory poisoning, and agentic exploitation.
● Identify business logic flaws, second-order vulnerabilities, authentication bypasses, and chained exploitation paths.
● Execute red team operations and emulate sophisticated threat actors.
● Develop custom offensive tooling, automation, and AI-assisted attack workflows.
● Perform source code review and security architecture assessments.
● Research emerging attack vectors in AI security, autonomous agents, MCP integrations, and GenAI ecosystems.
● Collaborate with development and security teams to provide actionable remediation guidance.
● Prepare detailed penetration testing reports with comprehensive findings, risk ratings, remediation strategies, and proof-of-concept demonstrations.
● Stay updated with the latest security trends, vulnerabilities, attack vectors, and AI security research.
Required SkillsCore Penetration Testing Expertise
● Strong expertise in Web, API, Cloud, and Network Penetration Testing.
● Deep understanding of OWASP Top 10, API Security Top 10, and modern attack methodologies.
● Experience with tool-based and manual penetration testing methodologies.
● Experience in white box, grey box, and black box testing approaches.
● Source code review and secure code analysis capabilities.
● Experience in SAST and DAST tools with understanding of common software security issues and remediation techniques.
AI/LLM Security Expertise
● Prompt Injection attacks and variations.
● Jailbreak techniques and model manipulation.
● AI Agent exploitation and autonomous workflow attacks.
● Retrieval poisoning and context manipulation.
● Tool/Plugin abuse and API integration vulnerabilities.
● Multi-agent attack chains and indirect exploitation paths.
Tools & Technologies
● Proficiency with Burp Suite, Nuclei, Metasploit, BloodHound, Sliver, Mythic, and other offensive security tools.
● Knowledge of Nmap, Nessus, Kali Linux, and network reconnaissance tools.
● Cloud security tools and AWS/Azure/GCP security assessment experience.
● Container and Kubernetes security testing capabilities.
Programming & Automation
● Strong scripting/programming skills in Python, JavaScript, or Go.
● Ability to develop custom offensive tooling and automation scripts.
● Experience with shell scripting, Bash, and command-line automation.
Infrastructure & Architecture
● Cloud security knowledge (AWS, Azure, GCP) including IAM, networking, and data storage security.
● Container and container orchestration security (Docker, Kubernetes).
● CI/CD security and DevSecOps environment familiarity.
● IT infrastructure security audit experience.
Soft Skills
● Hacker mindset with curiosity, creativity, and a passion for unconventional exploitation paths.
● Ability to think like a real attacker and uncover non-obvious vulnerabilities.
● Excellent communication and technical reporting skills.
● Strong analytical and problem-solving abilities.
Bonus Skills
● Experience building AI-assisted offensive tooling and automated attack frameworks.
● Published security research, CVEs, or significant bug bounty achievements.
● Public security writeups, whitepapers, or conference presentations.
● Experience with adversarial machine learning or AI red teaming.
● Knowledge of agentic frameworks (LangChain, AutoGen, CrewAI, MCP, OpenAI Agents SDK).
● CTF participation or other security competitions.
● OSCP, OSEP, CEH, CREST CRT, or similar advanced certifications.
What We Value
● Hacker mindset with genuine curiosity and creative problem-solving approaches.
● Strong communication and technical documentation skills.
● Passion for offensive research and emerging AI attack surfaces.
● Ability to innovate beyond traditional scanning and exploit frameworks.
● Collaborative spirit and willingness to mentor junior team members.
Key RequirementsQualifications
● BE/B.Tech in Computer Science, Information Technology, or related field; or equivalent practical experience.
● Minimum 1-4 years of professional penetration testing and security assessment experience.
● Demonstrated expertise in conducting security assessments and red team operations.
Certifications (Preferred)
● OSCP (Offensive Security Certified Professional)
● OSEP (Offensive Security Web Expert)
● CEH (Certified Ethical Hacker)
● CREST CRT (Certified Registered Tester)
● eJPT (eLearnSecurity Junior Penetration Tester)
Position Details
Designation: Offensive Security Engineer / AI Pentester
Experience Required: 1-4 years
Location: GIFT CITY, Gandhinagar (On-site)
Qualification: BE/B.Tech/MCA/M.Sc./M.Tech in Computer Science or related field
Salary Package: Best in the Industry
How to Apply:
● Send your CV to: hr@nowonlinetech.com
● Contact: +91 7600235007
● For inquiries, please mention your penetration testing portfolio, research publications, or CVE contributions.
Join our team and help shape the future of AI security!
Click on Apply to know more.