Apply now »

Adversary Simulation Specialist


Mumbai, IN, 400076

Req ID:  85353
Facility:  Mumbai-470
Department:  Offensive Security
Division:  Innovation

LyondellBasell (NYSE: LYB): As a leader in the global chemical industry, LyondellBasell strives every day to be the safest, best operated and most valued company in our industry. The company’s products, materials and technologies are advancing sustainable solutions for food safety, access to clean water, healthcare and fuel efficiency in more than 100 international markets. LyondellBasell places high priority on diversity, equity and inclusion and is Advancing Good with an emphasis on our planet, the communities where we operate and our future workforce.  The company takes great pride in its world-class technology and customer focus. LyondellBasell has stepped up its circularity and climate ambitions and actions to address the global challenges of plastic waste and decarbonization. For more information, please visit or follow @LyondellBasell on LinkedIn.

Basic Function

The Adversary Simulation Specialist will be responsible for testing and evaluating the security of a LyondellBasell’s networks, systems, and applications. This role involves conducting application assessments, vulnerability assessments, penetration testing, and ethical hacking to identify and exploit vulnerabilities to improve the organization's security posture. The individual will also perform adversarial emulation and simulated attacks to test security controls and identify potential vulnerabilities in the environment. 
Travel: 10%

Roles & Responsibilities

  • Identify and mimic the tactics, techniques and procedures of threat actors or threat groups, and the campaigns they execute against similar organizations or industries
  • Conduct research, penetration testing, application and vulnerability assessments on external-facing resources and internal assets to determine risks
  • Deliver key findings and improvement suggestions to determine if systems and infrastructure are properly tooled and resourced to defend against sophisticated attackers
  • Research and integrate tools, processes, and techniques to improve vulnerability analysis, forensics capabilities, network and data security, and threat management
  • Produce assessments on cyber threats, attacks, and external incidents
  • Create written and verbal products for internal stakeholders to assist in proactively addressing cyber threats and mitigating risk
  • Participate in threat hunting activities and incident response, as needed
  • Stay current with the latest offensive security trends and techniques, including new exploits and vulnerabilities
  • Continuously evaluate and improve the organization's offensive security program 
  • Collaborate with other members of the security team, such as Cyber Threat Intelligence team, incident responders, threat hunters and security analysts, to identify and mitigate threats

Min. Qualifications

  • BE or equivalent degree
  • 5+ years related experience in one or more of the following: offensive security, penetration testing, exploit development, cybersecurity
  • 2+ years related experience in red/purple team
  • Effective communication skills in writing and speaking with an emphasis on report creation and sharing

Preferred Qualifications

  • Knowledge of advanced cyber threats, adversary methodologies, and cyber threat intelligence
  • Experience writing code in one or more programming language (Python, C, JavaScript, Java, etc.)
  • Related certifications such as the OSCP, OSEP, GPEN or CEH
  • 3+ years of experience on coordination and execution of Web application, network, and system penetration tests with good understanding of OWASP TOP 10
  • Knowledge of MITRE ATT&CK and its use within the cybersecurity community (e.g., open-source projects)
  • Experience with encryption protocols (i.e., SSL/TLS) and algorithms (RSA, AES, etc.)
  • Expertise on application security including web application penetration testing, debugging, and reverse engineering
  • Experience in red teaming, penetration testing, exploitation
  • Experience in incident response (hunt), blue teaming, and purple teaming
  • Must be a strong technical leader in the analysis and communication of information security vulnerabilities and their risk to an enterprise
  • Good project management skills and familiarity with ensuring security-by-design inside of a System Development Life Cycle (SDLC) process, GitHub Advanced Security experience is recommended
  • Familiarity with attack emulation/penetration tools, Tenable Nessus, Kali Linux, Metasploit, Burp Suite, Cobalt Strike, etc.



Cultivates innovation
Customer focus
Demonstrates courage
Drives results
Ensures accountability
Instills trust and exemplifies integrity

We are LyondellBasell – a leader in the global chemical industry creating solutions for everyday sustainable living. Through advanced technology and focused investments, we are enabling a circular and low carbon economy. Across all we do, we aim to champion our employees, and unlock value for customers, investors and society. LyondellBasell places high priority on diversity, equity and inclusion and is strongly committed to our planet, the communities where we operate and our future workforce.  As one of the world’s largest producers of polymers and a leader in polyolefin technologies, we develop, manufacture and market high-quality and innovative products for applications ranging from sustainable transportation and food safety to clean water and quality healthcare. For more information, please visit or follow @LyondellBasell on LinkedIn.

Apply now »