We are looking for an experienced & skilled Security Engineer with advanced offensive security skills to join our Information Security group. You will conduct complete penetration testing, vulnerability scans/assessments, and advanced Red Team assessments for web applications, mobile applications (iOS and Android), APIs, networks, and cloud infrastructure.
You will assist in identifying and mitigating high-impact vulnerabilities and simulate real-world adversarial attacks against our fintech and crypto platforms, where we store digital assets, provide trading systems, offer wallets, and create or support payment systems.
Key Responsibilities
- Conduct full-cycle Web Application Penetration Testing (manual + automated) on highly complex fintech and crypto services.
- Perform Mobile Application Penetration Testing on Android and iOS apps, including thorough testing on rooted/jailbroken devices.
- Perform API Penetration Testing (REST, GraphQL, WebSocket), covering authentication bypass, business logic bugs, and rate-limiting vulnerabilities.
- Perform Network Penetration Testing (internal and external), covering infrastructure, servers, and AWS cloud environments.
- Conduct Red Team exercises, simulating APTs and real-world attack scenarios against the organization’s critical systems.
- Support tracing, threat hunting, and incident response for Red Team operations across the organization, from reconnaissance through initial access, lateral movement, persistence, and exfiltration.
- Identify and exploit fintech and crypto-exchange-specific vulnerabilities, including but not limited to wallet security issues, trading engine bugs, payment gateway bypasses, KYC/AML report manipulation, session hijacking, and blockchain integration weaknesses.
- Go beyond checklist-based testing to find complex business logic, zero-day, and architectural defects.
- Conduct source code reviews, threat modeling, and secure design assessments for new features and releases.
- Audit repository security posture, including secret scanning, branch protection, and repository security controls.
- Write custom scripts (Python, Bash, PowerShell) to automate repetitive VAPT and Red Team tasks.
- Work with development, DevOps, and product teams to confirm fixes and perform re-testing.
- Support secure SDLC activities like security requirements definition, code reviews, and cyber risk assessments.
- Stay updated with the latest attack vectors, tools, and techniques across fintech, crypto & Red Teaming.
Requirements
Experience
- More than 7 years of experience performing Vulnerability Assessment, Penetration Testing, and Red Team operations.
- More than 5 years of experience completing Web, API, Mobile, Network, Cloud, and Red Team activities.
- Experience testing fintech, crypto exchange, blockchain, or trading applications is required.
- Demonstrated experience in organizing and executing successful Red Team operations.
Mandatory Certification
- OSCP (Offensive Security Certified Professional) – Must have.
Technical Skills
- Web VAPT: deep knowledge of the OWASP Top 10, Burp Suite, ZAP, SQLMap, and related tools.
- Mobile VAPT: in-depth testing experience on rooted Android and jailbroken iOS devices with Frida, Objection, MobSF, Drozer, Appium, etc.
- API VAPT: expertise with Postman, Burp Suite, and custom API testing scripts.
- Network VAPT & Red Teaming: Nmap, Metasploit, Wireshark, Cobalt Strike, Empire, Sliver, Nessus, OpenVAS, and manual exploitation.
- Expert-level scripting skills: Python (preferred), Bash, PowerShell.
- Strong understanding of secure coding techniques, authentication mechanisms (OAuth, JWT, SAML), cryptography, and the MITRE ATT&CK framework.
Preferred Qualifications
- The ideal candidate should also hold additional certifications, including OSWE, OSEP, CRTP, CRTE, CEH, or eJPT.
- The candidate should have previous experience performing cloud penetration testing and red teaming (AWS, GCP), reviewing blockchain integrations, and auditing smart contracts.
- The candidate should also have a familiarity with compliance frameworks such as NIST CSF, NIST SP 800-53, NIST SP 800-171, SOC 2, ISO 27001, etc.
Note: Interested candidates may send their resume to [email protected]. Only shortlisted applicants will be contacted.