Sr. SOC Engineer (Red Teaming & Web Application Security Specialist)

Noida, Uttar Pradesh
Permanent
Full-time

22 days ago

Our CompanyWe're Hitachi Digital, a company at the forefront of digital transformation and the fastest growing division of Hitachi Group. We're crucial to the company's strategy and ambition to become a premier global player in the massive and fast-moving digital transformation market.Our group companies, including GlobalLogic, Hitachi Digital Services, Hitachi Vantara and more, offer comprehensive services that span the entire digital lifecycle, from initial idea to full-scale operation and the infrastructure to run it on. Hitachi Digital represents One Hitachi, integrating domain knowledge and digital capabilities, and harnessing the power of the entire portfolio of services, technologies, and partnerships, to accelerate synergy creation and make real-world impact for our customers and society as a whole.Imagine the sheer breadth of talent it takes to unleash a digital future. We don't expect you to 'fit' every requirement - your life experience, character, perspective, and passion for achieving great things in the world are equally as important to us.Meet Our Team:We are the Global Cyber team, part of Global Information Security at Hitachi Digital. Our mission is to protect the company's and its customers' vital information systems and data while responding to attacks, intrusions, and other security incidents. As passionate advocates of information security, we are a team of out-of-the-box thinkers, innovators, and collaborative problem-solvers. We continuously seek new and better ways to enhance our practices and strive for nothing less than excellence in our cybersecurity operations. We are looking for highly motivated individuals with a positive attitude who want to be part of something exceptional.What You'll Be Doing:As a Red Teaming & Web Application Security Specialist, you will be responsible for conducting advanced offensive security assessments to identify vulnerabilities across applications, infrastructure, and processes. This role will blend adversary simulation (Red Team) exercises with deep web application penetration testing to proactively uncover and remediate security weaknesses before they can be exploited by malicious actors.Key Responsibilities:Red Teaming & Adversary Simulation

Plan, execute, and document red team engagements simulating realistic cyberattacks against the organization's systems, applications, and users.
Emulate threat actors' tactics, techniques, and procedures (TTPs) based on frameworks like MITRE ATT&CK.
Conduct physical security assessments, social engineering campaigns (phishing, vishing), and insider threat simulations as required.
Collaborate with the Blue Team to validate detection and response capabilities, providing actionable improvement plans.

Web Application Security

Perform manual and automated web application penetration testing using tools like Burp Suite, OWASP ZAP, and custom scripts.
Identify, validate, and exploit vulnerabilities such as injection flaws, authentication bypass, XSS, CSRF, SSRF, and insecure deserialization.
Work with development teams to remediate findings and ensure secure coding practices.
Conduct source code reviews to detect and eliminate security flaws.

Security Research & Tool Development

Develop and maintain custom tools, scripts, and exploits to enhance testing capabilities.
Stay current with emerging attack vectors, zero-days, and security trends.
Perform threat modeling and provide secure architecture recommendations.

What you'll bring:

7 years of experience in Web security and red teaming
Plan, execute, and document red team engagements simulating realistic cyberattacks against the organization's systems, applications, and users.
Emulate threat actors' tactics, techniques, and procedures (TTPs) based on frameworks like MITRE ATT&CK.
Conduct physical security assessments, social engineering campaigns (phishing, vishing), and insider threat simulations as required.
Collaborate with the Blue Team to validate detection and response capabilities, providing actionable improvement plans.
Perform manual and automated web application penetration testing using tools like Burp Suite, OWASP ZAP, and custom scripts.
Identify, validate, and exploit vulnerabilities such as injection flaws, authentication bypass, XSS, CSRF, SSRF, and insecure deserialization.
Work with development teams to remediate findings and ensure secure coding practices.
Conduct source code reviews to detect and eliminate security flaws.
Develop and maintain custom tools, scripts, and exploits to enhance testing capabilities.
Stay current with emerging attack vectors, zero-days, and security trends.
Perform threat modeling and provide secure architecture recommendations.
If you are passionate about cybersecurity and ready to work with a top-tier SOC team, we invite you to join us at Hitachi Digital.

About usWe're a global, 1000-strong, diverse team of professional experts, promoting and delivering Social Innovation through our One Hitachi initiative (OT x IT x Product) and working on projects that have a real-world impact. We're curious, passionate and empowered, blending our legacy of 110 years of innovation with our shaping our future. Here you're not just another employee; you're part of a tradition of excellence and a community working towards creating a digital future.#LI-RR1

Hitachi Digital Services

Apply Now