WebApp Offensive Security Engineer

Job Summary

Required Qualifications

• Extensive hands-on experience conducting full-scope web application penetration tests
• Deep knowledge of web vulnerabilities (SQLi, XSS, SSRF, SSTI/CSTI, IDOR/BOLA, authentication/authorization bypass, path traversal, LFI) and chaining them to demonstrate impact
• Ability to reproduce edge cases and build proof-of-concept exploits
• Strong communication of attack steps, impact, and remediation to engineers and non-technical stakeholders
• Experience with Burp Suite and browser developer tools
• Proficiency in scripting (e.g., Python) to reproduce findings and collaborate with engineers
• Experience documenting findings, methodologies, and recommendations
• Track record of responsible disclosure and bug bounty contributions
• Curiosity about AI technologies and comfort using AI-assisted tools in testing workflow
• Experience mentoring teammates and contributing to process improvements
• Familiarity with AI/LLM tools for agentic workflows (LangChain, LangFlow) and Model Context Protocol (MCP)