Red Team Security Engineer
CloudanixCloudanix

Red Team Security Engineer

About the Company

Cloudanix helps companies with the security and operational excellence of their cloud infrastructure. We offer a Central Dashboard and a set of tools that cross-functional teams (Cloud Operation, Security, Risk, Engineering) use to manage cloud operations in a timely and secure manner.

Cloudanix is driven by a mission that every consumer should be entitled to secure and reliable apps. We want Cloud Operation team members, both in startups and enterprises, to have all the necessary tools to operate securely and effectively using cloud technologies.

We are backed by YCombinator and have customers across the US, UK, and India.

About the Team

Sujay Maheshwari has worked both as an Engineer and Product Manager at several startups and large companies in the US, London, and India. He has built and run a successful startup in New York with customers like HSBC, JWT, and several other popular names. For the past several years, he has been part of the cloud journey in various roles at Pantheon, Moody’s, HPE, Cloud Foundry, and other Silicon Valley companies.

Purusottam Mupunu excels in both SaaS and Cloud space. He has built and run engineering teams across the US and India. He is based out of Sunnyvale, California, and is an expert in AWS, Azure, and GCP cloud technologies. He started his journey as a software developer and today leads Cloudanix’s engineering team.

About the Role

We are seeking a talented and motivated Red Team Security Engineer to join our growing security team. In this role, you will be responsible for simulating real-world attacks to identify vulnerabilities in our systems, applications, and cloud infrastructure. Your work will be crucial in enhancing our security posture and ensuring the robustness of our CNAPP solutions.

This is a Pune-based position. 100% remote is not offered for this role.

Your Responsibilities

  • Plan and execute complex, multi-phase red team operations to simulate advanced persistent threats (APTs) and other sophisticated attack scenarios
  • Develop and maintain a diverse set of tools and techniques for penetration testing, social engineering, and other offensive security measures
  • Conduct thorough assessments of our cloud infrastructure, applications, and networks to identify security weaknesses
  • Create detailed reports of findings, including clear explanations of vulnerabilities, potential impacts, and recommended remediation steps
  • Collaborate with the blue team to improve detection and response capabilities
  • Stay up-to-date with the latest attack techniques, tools, and trends in the cybersecurity landscape
  • Assist in developing and improving internal security policies and procedures
  • Participate in code reviews to identify security flaws in application code
  • Contribute to the development of security awareness training programs for employees

Required Qualifications

  • Bachelor's degree in Computer Science, Cybersecurity, or a related field
  • 2-3 years of experience in red team operations, penetration testing, or offensive security roles
  • Strong knowledge of common vulnerabilities and attack vectors in web applications, networks, and cloud environments
  • Proficiency in scripting languages such as Python, Ruby, or PowerShell
  • Experience with penetration testing tools (e.g., Metasploit, Burp Suite, Nmap)
  • Familiarity with common cloud platforms (AWS, Azure, GCP) and their security features
  • Understanding of network protocols and common network services
  • Excellent problem-solving and analytical skills
  • Strong written and verbal communication skills
  • Ability to work independently and as part of a team

Preferred Qualification

  • Relevant certifications such as OSCP, OSCE, GXPN, or GPEN
  • Experience with cloud-specific security assessments and tools
  • Knowledge of DevSecOps practices and CI/CD pipelines
  • Familiarity with containerization technologies (e.g., Docker, Kubernetes)
  • Understanding of compliance frameworks (e.g., HIPAA, PCI DSS, SOC 2)
  • Experience with threat modeling and risk assessment methodologies
  • Familiarity with blue team operations and defensive security measures
  • Knowledge of reverse engineering and malware analysis

What can you expect in return?

• An opportunity to work on greenfield projects and make a dent in the SaaS ecosystem.

• Market-competitive salary.

• Unlimited vacation policy.

• World-class medical insurance for you and your family.

• Flexi work culture with no strict office hours.

• Access to the latest tools and technology to enhance your work productivity.

What kind of work will you do and how will it get recognized?

We are sharing below two recent publications on the AWS blog which we co-authored with them. It will give you a sense of the impact we are having on our customers:

Cloudanix’s Real-Time Threat and Anomaly Detection for Workloads on AWS

How Cloudanix Secures Containerized Applications Running on Amazon EKS