Alvarez & Marsal
Website:
alvarezandmarsal.com
Job details:
Company Description
Alvarez & Marsal (A&M) is a leading global professional services firm dedicated to helping organizations tackle their most complex business challenges, maximize stakeholder value, and deliver sustainable change. With a presence on six continents, A&M's network includes over 12,000+ world-class consultants, former regulators, and industry authorities. Our Cybersecurity practice partners with organizations across industries to help them stay resilient against ever-evolving cyber threats, with specialized expertise in offensive security, AI security, incident response, governance, and compliance.
Role Description
We are seeking a highly skilled Offensive Security Engineer (Penetration Testing) with 4+ years of experience to join our growing Cybersecurity practice. The ideal candidate will bring hands-on expertise in advanced penetration testing, exploit development, and vulnerability research, with a passion for breaking systems to make them more secure.
Office Location: Bangalore
Key Responsibilities
- Perform end-to-end penetration testing on:
Web applications
Mobile applications/devices
Thick client applications
OT/IoT/Hardware devices
- Develop and execute custom exploits for identified vulnerabilities.
- Research new attack vectors and adversarial techniques to simulate real-world threats.
- Apply knowledge of vulnerability exploitation, reverse engineering, and ARM exploitation where applicable.
- Create detailed technical reports and proof-of-concepts for vulnerabilities.
- Collaborate with internal teams and clients to provide remediation guidance.
- Contribute to internal R&D for offensive tooling, frameworks, and methodologies.
Qualifications Certifications
- 4+ years of experience in penetration testing with expertise in a at least two following:
Web applications
Mobile applications/devices
Thick client applications
OT/IoT/Hardware/Embedded devices
- Strong understanding of exploit development, security testing frameworks, and red team methodologies.
- Excellent technical documentation and reporting skills
Certifications
- Mandatory (any one): OSCP or CRTP
- Preferred: OSED, OSWP, OSEP
Preferred Skills
- Hands-on experience in reverse engineering, vulnerability exploitation, and ARM exploitation.
- Familiarity with modern attack frameworks (e.g., Cobalt Strike, Metasploit, Sliver).
- Strong problem-solving mindset and curiosity-driven research skills.
Click on Apply to know more.