Careers

At Payatu we believe in following one’s passion and with that thought we have created a world class team of researchers and executors who are bending the rules to provide state of the art security services. We are a passionate bunch of folks working on the latest and leading edge security technology. We are proud to be part of a vibrant security community and don’t miss any opportunity to give back.

Are you passionate about breaking network and application? Are you someone who eats, drinks, breathes and dreams security? If yes, then Payatu is the place for you. We are always in search of passionate people to expand our renowned Bandit family at Payatu. In the quest for Bandits, here is an excellent opportunity we would like to share with you. We looking for security researchers with interest/expertise in one or more of the following:
  – Web exploitation
  – Network exploitation
  – Vulnerability and Exploit research
  – Hardware exploitation and penetration testing
  – Reverse engineering of binaries and proprietary protocols
  – Radio/wireless security analysis and exploitation along with GNURadio experience
  – SCADA/ICS Security
  – Blockchain security
  – DevSecOps
  – AWS/Azure cloud security
  – Big Data Security
Job requirements:
  – Researching and coming up with new exploitation techniques
  – Security assessment of products/services in your area of expertise
  – Writing a proof of concept tools
  – Submitting and Showcasing your research at conferences
  – Documenting new attack techniques and research
You should apply if you:
  – Are passionate about your area of expertise and self-driven
  – Have the knack of finding security bugs in everything you touch
  – Love working for the end result and not the effort put in
  – Like automating stuff
  – Like writing tools
  – Are comfortable working in a dynamic and fast-paced work environment
  – Have good written and verbal communication skills and ability to express your thoughts clearly
  – Have the ability to work independently and meet project schedule and deadlines
Min. Criteria for applying:
  – No bar on educational qualification
  – You must have a proven track record in security
  – You should have authored a security tool/plugin
    or
  – Spoken at security conferences where papers are selected through CFP
  – Written research papers, books, blogs, articles etc
  – An active member of any security community or group
  – Working on something on your own in your field apart from official work
  – Written and submitted exploits in ExploitDB, Securityfocus and other available forums
  – Regularly participate in CTFs and bug bounties
Are you passionate about breaking the hardware? Are you someone who eats, drinks, breathes and dreams security? If yes, then Payatu is the place for you. We are always in search of passionate people to expand our renowned Bandit family at Payatu.
In the quest for Bandits, we are looking for individuals passionate about breaking IoT products to join our esteemed team. Here is an excellent opportunity we would like to share with you.
What we look for
 – Your expertise is your primary qualification, not your degree or certification
 – Your publicly known contributions are your credentials
 – Papers you have written, tools you have developed are your references
 – Your write-up reflects your interests and ethics
 – Your published exploits, your CTF scores and hall of fame listings are the testimonies of your work
 – Your research papers published and presented at conferences
 – You are learning from the community and enthusiastically contributing back
What you will do:
 – Reverse Engineer circuits
 – Identify debug interfaces and components on boards
 – Extract firmware from black box hardware
 – Back your findings with Proof-of-concept exploits
 – Collect evidence and maintain a detailed write-up of the findings
 – Explain and demonstrate vulnerabilities to system owners
 – Provide appropriate remediation and mitigations of the identified vulnerabilities
 – Individually or collaboratively review the system designs, source code, configurations, communications for security gaps.
 – Deliver results within stipulated timelines.
 – Sharpen your saw with continuous research, learning, training on the latest tools and techniques, keeping up with new research and sharing the same with the ecosystem.
 – Communicate well using verbal and written skills, within and out of the team
 The technical skill you should have:
 – Stronghold on reverse engineering ARM/MIPS/x86 code
 – Stronghold on Android/iOS security
 – Good command of at least one programming language
 – Knowledge of radio chips and protocols
 – Understanding of Web/Mobile/Cloud application security concept would be plus
You should apply if:
 – You have Passion for making and breaking hardware
 – You have a history of publishing or presenting good research
 – You have the knack of finding security bugs in everything you touch
 – You like writing tools
 – You like automating stuff
 – You have excellent written and verbal communication skills and ability to express your thoughts clearly
 – You have the skill to articulate and present technical things in business language
 – You can work independently as well as within a team and meet project schedule and deadlines
 – You have strong problem solving, troubleshooting and analysis skills
 – You are passionate about your area of expertise and self-driven
 – You are comfortable working in the dynamic and fast-paced work environment
 – You are Self-driven, proactive, hardworking, team-player
 – You are working on something on your own in your field apart from official work.

ATTENTION! Any Python+Embedded dev hacker wants to work on one of the most interesting IoT security products at one of the most interesting Security Companies in the world. Send your resume to us.

Who?
1. Expertise in python and embedded development
2. Experience in electronics/hardware design
3. Passion for IoT and security
4. Problem Solver
5. Radio/SDR programming will be a plus
6. Experience with IoT protocols like MQTT, CoAP, BACNet, ZigBee, ZWave, WirelessHART, Thread will be a plus
7. Should have some community contribution – Open source code, Research, talks/workshops at conferences.
8. A bandit.

What?
IoT Security Product being developed at Payatu

When?
Yesterday

Where?
Pune

Why?
Because we are going where no one has gone before. Oh! and we work hard and Party harder!

How?
Submit your resume.

Are you passionate about breaking the application? Are you someone who eats, drinks, breathes and dreams security (bug bounties)? If yes, then Payatu is the place for you. We are always in search of passionate people to expand our renowned Bandit family at Payatu. In the quest for Bandits, here is an excellent opportunity we would like to share with you.
What we look for
  – Your expertise is your primary qualification, not your degree or certification
  – Your publicly known contributions are your credentials
  – Papers you have written, tools you have developed are your references
  – Your write-up reflects your interests and ethics
  – Your published exploits, your CTF scores and hall of fame listings are the testimonies of your work
  – Your research paper published and presented at conferences
  – You are learning from the community and enthusiastically contributing back
What you will do:
  – Security assessment of web application and web service on various platforms.
  – Back your findings with Proof-of-concept exploits
  – Collect evidence and maintain a detailed write-up of the findings
  – Understand and explain the results with impact on business and compliance status
  – Explain and demonstrate vulnerabilities to application/system owners
  – Provide appropriate remediation and mitigations of the identified vulnerabilities
  – Individually or collaboratively review the system designs, source code, configurations, communications for security gaps.
  – Deliver results within stipulated timelines.
  – Sharpen your saw with continuous research, learning, training on the latest tools and techniques, keeping up with new research and sharing the same with the ecosystem.
  – Communicate well using verbal and written skills, within and out of the team
The skill you should have:
  – Strong fundamental of application and network protocols
  – Stronghold on Web application security concept and penetration testing skill
  – Good command of at least one programming language
  – Good understanding of OWASP Top 10 and other web related vulnerabilities as well as logic flaws
  – Hands-on experience in performing penetration testing of web-based application preferably in the financial domain
  – Good to have experience in working alongside the development/QA teams
  – Good report writing and presentation skills
  – Should be able to suggest optimum security improvements to application components
You should apply if:
  – 1-2 years of experience in web application and web service security assessment
  – You have a history of publishing or presenting good research
  – You have the knack of finding security bugs in everything you touch
  – You like automating stuff
  – You like writing tools
  – You have excellent written and verbal communication skills and ability to express your thoughts clearly
  – You have the skill to articulate and present technical things in business language
  – You can work independently as well as within a team and meet project schedule and deadlines
  – You have Strong problem solving, troubleshooting and analysis skills
  – You are passionate about your area of expertise and self-driven
  – You are comfortable working in a dynamic and fast-paced work environment
  – You are Self-driven, proactive, hardworking, team-player
  – You are working on something on your own in your field apart from official work
Are you passionate about breaking network and application? Are you someone who eats, drinks, breathes and dreams security? If yes, then Payatu is the place for you. We are always in search of passionate people to expand our renowned Bandit family at Payatu. In the quest for Bandits, here is an excellent opportunity we would like to share with you.
What we look for
  – Your expertise is your primary qualification, not your degree or certification
  – Your publicly known contributions are your credentials
  – Papers you have written, tools you have developed are your references
  – Your write-up reflects your interests and ethics
  – Your published exploits, your CTF scores and hall of fame listings are the testimonies of your work
  – Your research paper published and presented at conferences
  – You are learning from the community and enthusiastically contributing back
What you will do:
  – Security assessment of web/mobile/cloud application on various platforms and network infrastructure
  – Back your findings with Proof-of-concept exploits
  – Collect evidence and maintain a detailed write-up of the findings
  – Understand and explain the results with impact on business and compliance status
  – Explain and demonstrate vulnerabilities to application/system owners
  – Provide appropriate remediation and mitigations of the identified vulnerabilities
  – Individually or collaboratively review the system designs, source code, configurations, communications for security gaps.
  – Deliver results within stipulated timelines.
  – Sharpen your saw with continuous research, learning, training on latest tools and techniques, keeping up with new research and sharing the same with the ecosystem.
  – Communicate well using verbal and written skills, within and out of the team
The technical skill you should have:
  – Strong fundamental of OS, network/application protocols
  – Stronghold on Web/Mobile/Cloud application security concept and penetration testing skill
  – Stronghold on Network Infrastructure security assessment
  – Good command of at least one programming language
You should apply if:
  – You have a history of publishing or presenting good research
  – You have the knack of finding security bugs in everything you touch
  – You like automating stuff
  – You like writing tools
  – You have excellent written and verbal communication skills and ability to express your thoughts clearly
  – You have the skill to articulate and present technical things in business language
  – You can work independently as well as within a team and meet project schedule and deadlines
  – You have Strong problem solving, troubleshooting and analysis skills
  – You are passionate about your area of expertise and self-driven
  – You are comfortable working in a dynamic and fast-paced work environment
  – You are Self-driven, proactive, hardworking, team-player
  – You are working on something on your own in your field apart from official work

Are you passionate about breaking software? Are you someone who eats, drinks, breathes and dreams security? If yes, then Payatu is the place for you.  We are always in search of passionate people to expand our renowned Bandit family at Payatu. In the quest for Bandits.  We looking for individuals passionate about vulnerability discovery, reverse engineering, and exploit development to join our esteemed team. Here is an excellent opportunity we would like to share with you.

What we look for
  – Your expertise is your primary qualification, not your degree or certification
  – Your publicly known contributions are your credentials
  – Papers you have written, tools you have developed are your references
  – Your write-up reflects your interests and ethics
  – Your published exploits, your CTF scores and hall of fame listings are the testimonies of your work
  – Your research paper published and presented at conferences
  – You are learning from the community and enthusiastically contributing back
What you will do:
  – Discover and exploit vulnerabilities affecting high profile commercial and consumer software.
  – Attack vector enumeration of the target application
  – Static or dynamic analysis of the target application
  – Reverse engineer, debug and identify of vulnerabilities.
  – Writing exploitation code and technical documentation.
The technical skill you should have:
 – Strong fundamental of Operating System Concept i.e. Process Management, Memory Management, File system management etc.
 – You have a thorough understanding of a wide range of vulnerability classes
 – The ability to read and understand x86/x64 assembly code
 – Demonstrated ability to discover zero-day vulnerabilities in modern software
 – Demonstrated ability to exploit modern software
 – Knowledge in exploitation technology, such as Shellcode, Heap Spray, ROP etc.
 – Proficiency with reverse engineering tools like debuggers, IDA Pro.
 – Solid programming skills with languages such as C, C++, Python or Ruby is required
You should apply if:
 – You have a history of publishing or presenting good research
 – You have the knack of finding security bugs in everything you touch
 – You like automating stuff
 – You like writing tools
 – You have excellent written and verbal communication skills and ability to express your thoughts clearly
 – You have the ability to work independently as well as within a team and meet project schedule and deadlines
 – You have Strong problem solving, troubleshooting and analysis skills
 – You are passionate about your area of expertise and self-driven
 – You are comfortable working in a dynamic and fast-paced work environment
 – You are Self-driven, proactive, hardworking, team-player
 – You are working on something on your own in your field apart from official work
Are you someone who is passionate about creating an awesome product and solutions and loves to stay in touch with the latest technologies. We are always in search of passionate people to expand our renowned Bandit family at Payatu. In the quest for Bandits, we are looking for an enthusiastic, intelligent and experienced full stack developer.
What we look for:
  – Your expertise is your primary qualification, not your degree or certification
  – Your publicly known contributions are your credentials
  – Papers you have written, tools you have developed are your references
  – Your write-up reflects your interests and ethics
  – Your blog and GitHub repository are the testimonies of your work
  – You are learning from the community and enthusiastically contributing back
What you will do:
  – Take ownership of existing web infrastructure
  – Develop excellent, well-engineered web applications
  – Make architecture and designs decisions
  – Write exceptional code and fix any bugs along the way
  – Follow new technologies as they come to the surface and make sure you are able to utilize them
The technical skill you should have:
  – Proven working experience in web programming
  – Strong sense of web design and attuned to the fundamentals of user experience.
  – Familiarity with the whole web stack
  – A solid understanding of web application security
  – Experience with the server-side technologies & languages such as node.js, Python + Django
  – Basic knowledge of Search Engine Optimization process
  – Knowledge of Google app engine will be plus
You should apply if:
  – You loves building web applications, end to end!
  – You like automating stuff
  – You like writing tools
  – You are self-motivated and pro-active with demonstrated creative and critical thinking capabilities.
  – You have ability to work independently and meet project schedule and deadlines
  – You have Strong problem solving, troubleshooting and analysis skills
  – You are comfortable working in a dynamic and fast-paced work environment
  – You have good written and verbal communication skills and ability to express your thoughts clearly
  – You are Self-driven, proactive, hard working, team-player
  – You are working on something on your own in your field apart from official work
We are looking for a smart and passionate sales and marketing person who is an out of the box thinker, open to taking up new challenges, is smart in his approach and knows the art of converting ‘potential’ into ‘actual’. The right person needs to have an ideal mix of capabilities to sell both off-line and online.
Roles and Responsibilities:
– Identifying sales opportunities through primary, secondary research including building up and maintaining the prospects database
– Identify key decision makers within target organizations
– Establish and maintain a relationship with the clients.
– Generate qualified leads through cold calling, email and reference
– Sell company offerings and services to potential clients
– Maintain sales activity records
– Work on RFPs / proposals
– Preparing PowerPoint presentations and sales displays
– Updates job knowledge by participating in educational opportunities, reading professional publications, maintaining personal networks
– Attending conferences, meetings, and industry events to identify business opportunities
Skill Requirement:
– Strong communication skills, written and verbal
– Must be aggressive and dynamic with a good attitude
– Must be confident and should have a pleasing personality.
– Should have good selling attitude, result oriented & able to work independently as well as in a team.
– Ability to make a presentation to the required audience
– Strong interpersonal skills
– Knowledge of principles and practices of sales
– Knowledge of Information Security Domain would be a plus
We are looking Business Development Manager who will be responsible for improving an organization’s market position and achieve financial growth. Work includes defining long-term organisational strategic goals, building key customer relationships, identifying business opportunities, negotiating and closing business deals and maintain extensive knowledge of current market conditions.
Roles and Responsibilities
Generate business opportunities and leads from existing and new customers
Locates or proposes potential business deals by contacting potential partners, discovering and exploring opportunities
Maintaining fruitful relationships with existing customers
Promote and pitch the company’s products/services
Responsible for entire sales cycle starting from lead generation, submitting of the proposal, negotiating with the client and closing the order
Develop a growth strategy focused both on financial gain and customer satisfaction
Develop and implement online and e-mail marketing strategies
Planning and overseeing new marketing initiatives
Identifies trendsetter ideas by researching industry and related events, publications, and announcements
Updates job knowledge by participating in educational opportunities, reading professional publications, maintaining personal networks
Attending conferences, meetings, and industry events to identify business opportunities
Preparing PowerPoint presentations and sales displays
Protects organization’s value by keeping information confidential
Desired Skill
Demonstrated ability to take ownership and drive results
Strong business judgement with a track record of successful negotiations and overall relationship management
Ability to think strategically and tactically, with excellent attention to detail
Tenacity to develop ideas independently and thrive in a fast-paced start-up environment
Proven analytical thinking, project management skills, attention to detail and exceptional organizational skills are essential
Should be able to work well both in a team environment and also as an individual performer
Should be able to build efficient contact lists of all major customers and identify key contacts at each company
Should be able to use Social media and search tools for generating leads and account information (Facebook/Twitter/ LinkedIn)
Ability to demonstrate time management with basic telesales skills and knowledge
Should be able to meet Monthly, Quarterly and Yearly targets efficiently
Proficiency in MS Office and CRM software
Excellent communication and people skills
Demonstrable experience in dealing with high-level negotiations
Experience in establishing and maintaining relationships with senior management and CXO
Experience in selling Information Security Services would be plus
We are looking for a smart and passionate person who is an out of the box thinker, open to taking up new challenges, is smart in his approach and knows the art of converting ‘potential’ into ‘actual’.
Roles and Responsibilities
– Design and Implement successful digital marketing strategies to promote our offerings
– Build and maintain our social media presence
– Brainstorm new and creative growth strategies
– Manage marketing campaign strategy and content development and delivery across multiple websites and other digital channels.
– Apply expertise to demonstrate how digital communications can improve the reach and enhance the effectiveness of marketing campaign content.
– Conducting extensive research to gain valuable understanding of the current online status and online competitors presence
– Measure and report performance of all digital marketing campaigns, and assess against goals (ROI and KPIs)
– Generate qualified leads through email marketing, Social Network and reference
– Attending conferences, meetings, and industry events to understand business
– Researching new online media opportunities that may benefit the business including mobile, social media, development of blogs and forums;
Skill Requirement:
– Good Analytical & Reasoning skills, data-driven thinking
– Creative with experience in identifying target audiences and devising digital campaigns that engage, inform and motivate
– Demonstrable experience in leading and managing SEO/SEM, marketing database, email, social media and display advertising campaigns
– Up-to-date with the latest trends and best practices in online marketing and measurement
– Strong communication skills, written and verbal
– Must be aggressive and dynamic with a good attitude
– Must be confident and should have a pleasing personality.
– Strong interpersonal skills
– Knowledge of Information Security Domain would be a plus
We are looking for a talented Web Designer to create amazing user experiences. The ideal candidate should have an eye for clean and artful design and possess superior user interface design skills. You must be a life-long learner and be willing to research, develop, and implement new marketing initiatives by your design idea.
Job Responsibilities:
Conceptualize look, feel, organization and design theme for nullcon.net and hardwear.io and projects that represent the mission of Payatu
Think creatively and develop new design concepts, graphics and layouts
Translate business and marketing objectives into designs that are clear, compelling, visually exciting and engaging
Working in both print and web-based mediums, produce high quality and compelling graphic designs in quick turnaround times
Design and layout of electronic and print materials for all programs and events i.e. flyers, posters, banners, standees, collaterals, logos, invitations, postcards, newsletters, newspaper ads, etc.
Carrying design and web projects from concept to completion while adhering to the brand standards
Execute website search engine optimization best practices
Maintaining and enhancing websites by adding and improving the design and interactive features
Ensuring the coding standards are met; optimizing the web architectures for navigability and accessibility
Comfortable working with a wide range of stakeholders and decision-makers
Required Skills & Qualifications:
Demonstrable graphic design skills with a strong portfolio
Strong creative/artistic visual aesthetic
Must have a strong desire to develop and implement creative content for the website, social media, and sales/marketing material
Up to date with industry-leading software and technologies (i.e., Adobe CS4 suite(PC), especially Photoshop, Indesign, coral draw and Illustrator)
Ability to learn and adapt to new skill sets, programming languages and software
Knowledge of HTML/CSS/PHP/Javascript/MySQL
Development skills in CMS driven and/or Responsive websites
Experience working with WordPress
The detail and deadline-oriented work ethic
Strong communication and listening skills
Excellent organizational and planning skills
Ability to handle responsibilities/projects independently and pro-actively
Demonstrated skills in video editing and motion graphics a plus
Additional Information:
Please include a link to your online portfolio or submit a portfolio with your application.
Are you always the ‘organised one’ in your friendship circle or at work? Are you always sorting out every detail of your life, from booking dinners, sorting out travel arrangements and even filing the receipts after? And do you find yourself secretly enjoying it?
The role of administrator involves a great deal of multitasking. You will work with teams, oversee the operations within your company, manage groups, coordinate with management and engage in planning according to the needs of your company. If there are office resource or administrative issues, you will be the person expected to deal with them.
Here is a quick list of typical administrator duties:
Management of office equipment
Maintaining a clean and enjoyable working environment
Handling external or internal communication or management systems
Managing clerical or other administrative staff
Organizing, arranging and coordinating meetings
Sorting and distributing incoming and outgoing post

About Payatu
Payatu is a boutique security testing company specialized in IoT/Embedded/ICS/BlockChain/DevSecOps/Cloud/Mobile/Web and Infra security testing. Passion is the word on which the Payatu is founded. Passion is what drives our bandits to achieve where we stand today. We also run the famous kernel/mobile and IoT hacking training at most of the renowned security conferences around the world.
Our Bandits are known for their passion and dedication to their chosen disciplines in information security. Our team of researchers and executors are bending the rules to provide state of the art security services. We are passionate about hacking and securing the latest and leading-edge security technology. We are proud to be part of a vibrant security community and don’t miss any opportunity to contribute back. Some of the contributions in the field reflect our dedication and passion.
Null – It all started with null – The open security community in 2008 as we were eager to learn and have a place for security researchers to network and learn together. At that time there was no common place for passionate researchers to meet and discuss security. The founders put the seed to initiate a community which would later grow to become a registered non-profit society and one of the most active security communities in India with chapters in various cities in India and abroad – Singapore, Amsterdam and Dubai. null is driven entirely by passionate volunteers.
Nullcon – nullcon Security Conference is an annual Security event held in Goa, India. Nullcon is a must-attend event for researchers. After 9 years of efforts put in the event, it has now become a world-renowned platform to showcase new research.
Hardwear.io – Hardware Security Conference is an annual Hardware Security event held in The Hague, Netherlands. It is being organized to answer the emerging threats and attacks on hardware. We aim to make it the largest platform where hardware security innovation happens.
– Dedicated Fuzzing Infrastructure – We are proud to be one of the few security research companies to own an in-house infrastructure and hardware for distributed fuzzing of software such as browsers, client and server applications etc.
– Open source tools – Our team regularly authors open source tools to aid in security learning and research.

The Bandit Team:
A close-knit family that encourages each other to achieve their best. A team that enjoys each others success and that gives us numerous occasions to celebrate.
We work hard and party harder. Our amazing team is winning business and hearts all around the world with their high-quality deliverable, community contributions and being fine trustworthy professional

Our Culture:
While our team members are rocking the fields of their chosen disciplines, our value keeps them humble and responsible.
Our Professionalism and strong work ethics give trust to our clients across the globe and industries in securing their assets. We care for our family as much as we care for our clients and community. Being trustable and responsible for our work in the discipline of security is part of our culture at Payatu.

Workplace benefits we extend :
– Diverse learning opportunities
– No dress code
– Flexible timing and work from home option
– Flexible leave policy
– Flat organization structure with no hierarchy
– Freedom to choose your path of development and research
– We encourage & fund the security research and development efforts incepted at Payatu
– Showcasing our research and findings at international hacking conferences is our nature
– Logistics assistance on submitting your research to an international conference.
– Be a part of nullcon Goa and hardwear.io Netherlands crew and meet/interact with world-class researchers.
– Work on security research domain of your expertise and get paid for it too.
– Research ideas to execution support

The Journey of Bandits (career path) :
At Payatu, we mean business. All our team members are at the front line of the business which helps them to understand the industry and business dynamics.
We encourage our team members to experiment with new concepts, take complete responsibility and accountability to transform it into a value proposition.
We understand that failures, success, innovation and contribution to the community are all part of the process.
We help our team members to pursue their chosen disciplines and mentor them to become experts.

Work With Us

Send us your CV to