Job Description

*Role:** **Senior Offensive Security Engineer**

Location: Kharadi,Pune.

*Life Unlimited.** At Smith\+Nephew, we design and manufacture technology that takes the limits off living.

The Senior Offensive Security Engineer will develop and then deliver a modern AI augmented capability for penetration testing within the Cyber Defense function of Information Security. The role has people management responsibility for the offensive security team and is part of a larger team responsible for delivering a program of security assessments, penetration testing and breach and attack simulation activities to support the security objectives of Smith \& Nephew. The role reports to the Director of Cyber Defense.

*What will you be doing?**

The work includes partnering closely with Product Security, Security Architecture, R\&D, Enterprise Technology, and other teams to understand business and regulatory requirements for security testing and match it to capabilities to ensure cost efficient and high\-quality fulfilment through the right channel, with the objective of increasing insourcing over time.

The role is primarily internal facing with a lower degree of external interaction with partner organizations.

(60%) Scope, plan, and execute penetration tests and security assessments on a wide range of technologies, such as enterprise IT, medical devices, robotics, AI, API, applications, web applications, public cloud, containers, Wi\-Fi, Bluetooth, RF etc.

Write deliverables such as fully evidenced penetration testing reports showing prioritized findings with identified vulnerabilities, proof of compromise, and remediation advice.

(10%) Provide subject matter expertise to assess external penetration test reports or bug bounty requests.

(10%) Contribute to continuous service improvement, developing processes, work instructions, methodologies and frameworks to drive higher quality outcomes or improve efficiency through automation or AI augmentation.

(15%) Manage, mentor and coach other team members.

(5%) Provide technical subject matter expertise to projects and initiatives aimed at improving the capability and maturity of the wider Smith \& Nephew information security practices.

*What will you need to be successful?**

Education: Bachelor´s degree or equivalent experience in Computer Science or related subject preferred.
Licenses/ Certifications: CEH or OSCP
**This role will be based in Pune and will be working from office in Hybrid mode. UK Shift Timing (12:30 PM – 9:30PM IST) Monday to Friday.**
Experience: At least 5 years of experience in penetration testing, adversary emulation, red teaming or equivalent.
Extensive experience with offensive security tools (Nmap, Burp Suite, Metasploit, Wireshark etc.).
Experience with at least one programming language. Full understanding of MITRE ATT\&CK. Understanding of MITRE ATLAS and OWASP for AI.
Deep understanding of offensive security tools and frameworks.
Strong understanding of network protocols, OS, public cloud, web applications.
Effective report writing. Excellent written and oral communication skills. Ability to work independently.

*You. Unlimited.**

*We believe in crafting the greatest good for society. Our strongest investments are in our people and the patients we serve.**

*Inclusion \+ Belonging \- Committed to Welcoming, Celebrating and Thriving. Learn more about our Employee Inclusion Groups on our website** **https://www.smith\-nephew.com/**

*Other reasons why you will love it here!**

**Your Future: Major Medical coverage \+ Policy exclusions and insurance non\-medical limit. Educational Assistance.**
**Work/Life Balance: Flexible Personal/Vacation Time Off, Privilege Leave, Floater Leave.**
**Your Wellbeing: Parents / Parents in Law’s Insurance, Employee Assistance Program, Parental Leave.**
**Flexibility: Hybrid Work Model (For most professional roles)**
**Training: Hands\-On, Team\-Customized, Mentorship**
**Extra Perks: Free Cab Transport facility for all employees, One Time Meal provided to all employees as per shift. Night Shift Allowances.**