Role: Offensive Security Engineer

Location: Kharadi,Pune.

Life Unlimited. At Smith+Nephew, we design and manufacture technology that takes the limits off living.

The Offensive Security Engineer will be part of developing and then delivering a modern AI augmented capability for penetration testing within the Cyber Defense function of Information Security. The role is part of a team responsible for delivering a program of security assessments, penetration testing and breach and attack simulation activities to support the security objectives of Smith & Nephew. The role reports to the Senior Offensive Security Engineer.

What will you be doing?

• The work includes partnering closely with Product Security, Security Architecture, R&D, IT and other teams to understand business and regulatory requirements for security testing and match it to capabilities to ensure cost efficient and high-quality fulfilment through the right channel, with the objective of increasing insourcing over time.

• The role is primarily internal facing with a lower degree of external interaction with partner organization.

• (70%) Scope, plan, and execute penetration tests and security assessments on a wide range of technologies, such as enterprise IT, medical devices, robotics, AI, API, applications, web applications, public cloud, containers, Wi-Fi, Bluetooth, RF etc. Write deliverables such as fully evidenced penetration testing reports showing prioritized findings with identified vulnerabilities, proof of compromise, and remediation advice.

• (10%) Provide subject matter expertise to assess external penetration test reports or bug bounty requests. Identify any issues in completeness and accuracy, as well as assisting internal stakeholders in interpreting findings or validating remediation outcomes.

• (10%) Contribute to continuous service improvement, developing processes, work instructions, methodologies and frameworks to drive higher quality outcomes or improve efficiency through automation or AI.

• (5%) Mentoring and coaching other team members, sharing skills and experience to ensure a good understanding of offensive security concepts.

• (5%) Provide technical subject matter expertise to projects and initiatives aimed at improving the capability and maturity of the wider Smith & Nephew information security practices.

What will you need to be successful?

• Education: Bachelor´s degree or equivalent experience in Computer Science or related subject preferred.
• Licenses/ Certifications: CEH or OSCP
• This role will be based in Pune and will be working from office in Hybrid mode. UK Shift Timing (12:30 PM – 9:30PM IST) Monday to Friday.
• Experience: At least 4+ years of experience in penetration testing, adversary emulation, red teaming or equivalent.
• Extensive experience with offensive security tools (Nmap, Burp Suite, Metasploit, Wireshark etc.).
• Experience with at least one programming language. Full understanding of MITRE ATT&CK. Understanding of MITRE ATLAS and OWASP for AI.
• Deep understanding of offensive security tools and frameworks.
• Strong understanding of network protocols, OS, public cloud, web applications.
• Effective report writing. Excellent written and oral communication skills. Ability to work independently.

You. Unlimited.

We believe in crafting the greatest good for society. Our strongest investments are in our people and the patients we serve.

Inclusion + Belonging - Committed to Welcoming, Celebrating and Thriving. Learn more about our Employee Inclusion Groups on our website https://www.smith-nephew.com/

Other reasons why you will love it here!

• Your Future: Major Medical coverage + Policy exclusions and insurance non-medical limit. Educational Assistance.
• Work/Life Balance: Flexible Personal/Vacation Time Off, Privilege Leave, Floater Leave.
• Your Wellbeing: Parents / Parents in Law’s Insurance, Employee Assistance Program, Parental Leave.
• Flexibility: Hybrid Work Model (For most professional roles)
• Training: Hands-On, Team-Customized, Mentorship
• Extra Perks: Free Cab Transport facility for all employees, One Time Meal provided to all employees as per shift. Night Shift Allowances.

#YS1

Stay connected by joining our Talent Community.

We're more than just a company - we're a community! Follow us on LinkedIn to see how we support and empower our employees and patients every day.  

Check us out on Glassdoor for a glimpse behind the scenes and a sneak peek into You. Unlimited., life, culture, and benefits at S+N.

Explore our website and learn more about our mission, our team, and the opportunities we offer.