Security Analyst

Our world is transforming, and PTC is leading the way. Our software brings the physical and digital worlds together, enabling companies to improve operations, create better products, and empower people in all aspects of their business. Our people make all the difference in our success. Today, we are a global team of nearly 7,000 and our main objective is to create opportunities for our team members to explore, learn, and grow – all while seeing their ideas come to life and celebrating the differences that make us who we are and the work we do possible. The Cyber Security Consultant (Offensive Security) should have a strong passion for offensive security, with skills in red teaming and penetration testing. The role involves working with a team focused on security monitoring, cloud defense implementation, architecture reviews, pentesting, social engineering campaigns, automation, and tool development. The candidate should have a solid understanding of TTPs (Tactics, Techniques, and Procedures) and an innovative, offensive mindset. The candidate will be part of the Global Information/Cyber Security Group and will be operating from Pune. This is a critical position where the candidate must provide operational readiness in a high availability environment to tackle any sort of security incidents and ensure business continuity. Job Description: - Execute long-term offensive security engagements and identify security gaps within the infrastructure and services. - Perform Recon, Weaponization, Payload Delivery, and C&C techniques. - Integration, modification, and automation of security tools through scripting and use of AI. - Research the TTPs of various threat actors and create payloads that can emulate those threat actors. - Utilize threat intelligence to aid red team campaigns. - Execute Windows and Unix lateral movement and foothold techniques. - Windows AD environment and exploitation techniques. - Exploit web and mobile applications. - Perform security code reviews. - Perform software reverse engineering and malware analysis. - Train employees on how to avoid falling prey to social engineering tactics and execute social engineering engagements. - Analyze digital forensics and participate in incident response during security incidents. - Review security groups, VPC configurations, etc., to strengthen the cloud infrastructure setup. - Participate in tabletop exercises as part of the purple teaming initiative. - Present findings to senior management and executives. - Remediate identified security gaps by writing code, writing rules for IDS systems, etc. Key Competencies: - Sound technical skills. - Leadership. - Quick decision-making capabilities. - Ability to assist with remediation strategies for security findings. - Persistence and follow-through on tasks. - Ability to handle multiple tasks or issues. - Assumes responsibility and accountability for successfully completing assignments. - Identify obstacles and overcome barriers under guidance. - Flexible and adaptable to taking on new responsibilities and learning new technology. - Team player with excellent interpersonal skills and communication abilities, and a high degree of self-confidence. Required Experience: - 3+ years’ experience in offensive security testing. - Understanding of OWASP Top 10, MITRE ATT&CK Frameworks, and Cyber Kill Chain. - AV/EDR bypass is a desirable skill. - Vulnerability management. - Knowledge of coding in .Net, C, C++, Java, web technologies, and UI scripts (e.g., JS, typescript, web assembly, etc.). - 2+ years of scripting experience using Go, Python, Perl, etc. - Understanding of AI in offensive security. - 1–2 years’ experience in writing/modifying exploit codes. - 2–3 years’ experience with commercial and open-source network/web vulnerability scanners. - Extensive experience with Red Team Campaigns and Red Team Tools. - Proficiency with tools like Metasploit, C2, DNSCAT2, Caldera, Clockify, etc. - Familiarity with various network architectures, network services, system types, network devices, development platforms, software suites, and tools like Wireshark. - Experience in code review, malware analysis, and reverse engineering. - Fundamental understanding of computer networks and WiFi technology. - Solid understanding of cloud computing. Qualifications: - Master’s/Bachelor’s degree in Computer Science or years of related experience. - Certifications such as OSCP, CRTO, CRTP, PenTest+, PNPT, Red Teams Ops, etc. Life at PTC is about more than working with today’s most cutting-edge technologies to transform the physical world. It’s about showing up as you are and working alongside some of today’s most talented industry leaders to transform the world around you. If you share our passion for problem-solving through innovation, you’ll likely become just as passionate about the PTC experience as we are. Are you ready to explore your next career move with us? We respect the privacy rights of individuals and are committed to handling personal information responsibly and in accordance with all applicable privacy and data protection laws. Review our Privacy Policy here.