Red Team Specialist – I
Indexed description
Employment Type: Full-Time
Experience: 3–6+ Years
About The Role
We are looking for a highly skilled Application Security / Offensive Security Engineer with a strong Red Team mindset to join our team. The role involves advanced penetration testing across Web, Mobile (Android & iOS), and APIs, focusing on real-world exploitation, vulnerability chaining, and bypassing modern security controls such as WAFs and client-side protections. If you thrive on deep technical challenges, scripting, and continuous research into emerging attack techniques, this role is for you.
Key Responsibilities
- Perform in-depth Web, Mobile, and API penetration testing with emphasis on exploitation and chaining vulnerabilities.
- Conduct Red Team-style application assessments across WAPT, MAPT, and API engagements.
- Develop custom scripts and tools to automate testing and bypass client-side security controls.
- Research and implement WAF evasion and bypass techniques.
- Reverse-engineer client-side and backend application logic.
- Identify business logic flaws and advanced attack paths.
- Deliver high-quality technical reports with reproduction steps, impact analysis, and remediation guidance.
- Stay updated with the latest vulnerabilities, attack techniques, and frameworks.
- Collaborate with development and security teams for secure design reviews and remediation.
- Strong hands-on experience in Web, Mobile (Android/iOS), and API Penetration Testing.
- Solid understanding of OWASP Top 10 (Web, Mobile, API).
- Experience with Java and JavaScript debugging.
- Ability to read, understand, and analyze JavaScript and Python code.
- Proficiency in Python (or equivalent scripting language) for automation and bypass tooling.
- Knowledge of modern web frameworks (React, Angular, Vue, Node.js, Spring Boot).
- Strong grasp of authentication, authorization, session management, and token-based security (OAuth, JWT, SAML).
- Familiarity with WAF technologies and bypass methodologies.
- Hands-on experience with Burp Suite, Frida, Objection, Postman, and mobile reversing tools.
- OSCP
- eWPTX / eMAPT
- CRTP
- Strong research-driven and attacker mindset.
- Ability to work independently and lead complex security engagements.
- Excellent documentation and communication skills.
- Detail-oriented with a passion for deep technical problem-solving.
- Capability to mentor junior security testers.
- Opportunity to work on cutting-edge offensive security projects.
- Exposure to advanced Red Team engagements.
- Collaborative environment with continuous learning and growth.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search