UnlockSec

Careers

Operate at the edge of
offensive security.

We're a small team of practitioners who take our craft seriously and our culture personally. If you want to do the most technically challenging security work of your career — and have your name behind findings that actually matter — we should talk.

Why UnlockSec

Real-world impact

Your work directly prevents breaches at the organisations that matter most — banks, hospitals, infrastructure.

Training budget

Annual budget for certifications, conferences, and research tooling. We pay for your OSCP, CRTO, and beyond.

Mentorship culture

Senior operators actively mentor every team member. No siloed knowledge — we grow together.

Wellbeing first

Flexible hours, hybrid working, and a team that understands burnout prevention is part of operational security.

Open Roles

4 positions available

Senior Penetration Tester

Security Services

Apply Now
Hyderabad, India·Full-time·Hybrid

Lead complex network and web application penetration tests from scoping through reporting. You'll own client relationships during the engagement, mentor junior operators, and contribute to methodology improvements.

Nice to have

CRTP / CRTE for Active Directory expertiseBug bounty track record

Requirements

  • OSCP or equivalent (OSCE3, CRTO preferred)
  • 3+ years of hands-on pentesting experience
  • Strong report writing and client communication skills
  • Experience with Burp Suite, Nmap, Metasploit, BloodHound
  • Ability to work across network, web, and cloud scopes

Red Team Operator

Red Team

Apply Now
Hyderabad, India·Full-time·Hybrid

Execute full-scope adversarial simulations using MITRE ATT&CK framework. Develop custom tooling and C2 infrastructure, conduct physical and social engineering operations, and produce executive-level red team reports.

Nice to have

Physical social engineering experiencePurple team experience

Requirements

  • CRTO, CRTE, or OSEP certification
  • 4+ years of red team or offensive security experience
  • Malware development / custom implant experience (C, C#, Go)
  • Active Directory attack path expertise (BloodHound, Impacket)
  • Experience building and operating C2 infrastructure

AI Security Researcher

AI Security Practice

Apply Now
Remote — India·Full-time·Remote

Research and operationalise novel attack techniques against AI/ML systems — prompt injection, jailbreaks, adversarial inputs, model extraction, RAG poisoning, and MCP exploitation. Publish findings and build our AI red teaming methodology.

Nice to have

CAISP or CARTP certificationPublished AI security research

Requirements

  • Deep understanding of LLM architectures and inference pipelines
  • Practical experience with prompt injection and jailbreak techniques
  • Python proficiency (PyTorch, Hugging Face, LangChain, LlamaIndex)
  • Familiarity with OWASP LLM Top 10 and ATLAS framework
  • Strong written communication for research publication

EASM Engineer

Product

Apply Now
Hyderabad, India·Full-time·Hybrid

Build and maintain the Security Blueprint platform — our external attack surface management product. Own data pipelines that continuously enumerate, classify, and risk-score client attack surfaces at scale.

Nice to have

Cloud infrastructure (AWS/GCP)Prior security product experience

Requirements

  • 3+ years of backend engineering (Python or Go preferred)
  • Experience with internet-scanning tools (Shodan, Censys, Amass, Subfinder)
  • Knowledge of DNS, TLS, BGP, and internet-facing asset discovery
  • Database experience: PostgreSQL, Redis, Elasticsearch
  • Security mindset — understanding of what attackers look for in exposed assets

Don't see a role that fits?

We're always interested in hearing from exceptional practitioners. Send a speculative application with your background and what you're looking for.

Send Speculative Application