The point where experts and best companies meet
BMC Information Security Engineer India, Maharashtra 392670499
30.08.2024
Share
Description and Requirements
CareerArc Code
A penetration tester plays a crucial role in safeguarding an organization's digital assets and information by proactively identifying and addressing security weaknesses. This role requires a high level of technical expertise, ethical conduct, and a commitment to continuous improvement in the field of cybersecurity.
Here is how, through this exciting role, YOU will contribute to BMC's and your own success:
- You will be conducting thorough vulnerability assessments of applications and systems using various tools and techniques.
- You will be executing penetration tests to simulate real-world cyberattacks.
- You will provide subject matter expertise for application security
- You will be researching and developing new penetration testing methodologies/tools.
To ensure you’re set up for success, you will bring the following skillset & experience:
- 3+ years of experience in product security (combination of web, mobile, API, cloud, infrastructure and container security) or equivalent skillset. Experience with penetration testing is a must requirement. Prior participation in bug bounty programs is a big plus.
- Familiarity with various hacking tools and penetration testing frameworks (e.g., Metasploit, Burp Suite, Nmap, Wireshark).
- Expertise in web application security testing, including knowledge of OWASP Top Ten vulnerabilities. Proficiency in assessing web applications for common vulnerabilities like SQL injection, XSS, CSRF, and more.
- Proficiency in exploiting vulnerabilities to gain unauthorized access and assess the impact of attacks and understanding of vulnerability scoring systems (e.g., CVSS) to prioritize findings.
- Ability to think creatively and analytically to identify and exploit vulnerabilities. Effective problem-solving skills when encountering unexpected challenges during testing.
- Integrity, professionalism, and the ability to work under pressure and maintain confidentiality.
Whilst these are nice to have, our team can help you develop in the following skills:
- Experience with secure code review (SAST) tools for C/C++, Java, and Python languages and relevant frameworks.
- Hands-on technical experience designing and implementing security solutions for leading cloud service providers e.g., AWS.
(
know more and how to apply.
Min salary
Mid point salary
Max salary
These jobs might be a good fit
