Description
"At BMC trust is not just a word - it's a way of life!"
We are an award-winning, equal opportunity, culturally diverse, fun place to be. Giving back to the community drives us to be better every single day. Our work environment allows you to balance your priorities, because we know you will bring your best every day. We will champion your wins and shout them from the rooftops. Your peers will inspire, drive, support you, and make you laugh out loud!
We help our customers free up time and space to become an Autonomous Digital Enterprise that conquers the opportunities ahead - and are relentless in the pursuit of innovation! Our IS&T (Information Services and Technology) department provides all the required technology and operational support services to run our business here in BMC! We have over 200 servers on premises to support production, disaster recovery, databases, applications and over 1000 servers in Lab environment. IS&T is transformational not only for BMC but also for the customer experience, because we give a 360 degrees view to the customer about the products they should know, opportunities in the pipeline, and any service issues outstanding with the customer. We use cutting-edge technologies to manage BMC's infrastructure and showcase it to the customers – program is called BMC on BMC!BMC Software is looking for a motivated and skilled individual to join the Product Security Group. This is a senior technical position in the team. The candidate will be responsible for engaging with various product teams on security architecture reviews, SaaS security, penetration testing.
A penetration tester plays a crucial role in safeguarding an organization's digital assets and information by proactively identifying and addressing security weaknesses. This role requires a high level of technical expertise, ethical conduct, and a commitment to continuous improvement in the field of cybersecurity.
Here is how, through this exciting role, YOU will contribute to BMC's and your own success:
- You will be conducting thorough vulnerability assessments of applications and systems using various tools and techniques.
- You will be executing penetration tests to simulate real-world cyberattacks.
- You will provide subject matter expertise for application security
- You will be researching and developing new penetration testing methodologies/tools.
- 3+ years of experience in product security (combination of web, mobile, API, cloud, infrastructure and container security) or equivalent skillset. Experience with penetration testing is a must requirement. Prior participation in bug bounty programs is a big plus.
- Familiarity with various hacking tools and penetration testing frameworks (e.g., Metasploit, Burp Suite, Nmap, Wireshark).
- Expertise in web application security testing, including knowledge of OWASP Top Ten vulnerabilities. Proficiency in assessing web applications for common vulnerabilities like SQL injection, XSS, CSRF, and more.
- Proficiency in exploiting vulnerabilities to gain unauthorized access and assess the impact of attacks and understanding of vulnerability scoring systems (e.g., CVSS) to prioritize findings.
- Ability to think creatively and analytically to identify and exploit vulnerabilities. Effective problem-solving skills when encountering unexpected challenges during testing.
Whilst these are nice to have, our team can help you develop in the following skills:
- Strong verbal and written communication skills to effectively convey technical information to both technical and non-technical stakeholders. Meticulous attention to detail when conducting tests and documenting findings.
- Effective time management skills to meet project deadlines and testing schedules.
- Integrity, professionalism, and the ability to work under pressure and maintain confidentiality.
- Optional - Hands-on technical experience designing and implementing security solutions for leading cloud service providers e.g., AWS.
- Optional - Experience with secure code review (SAST) tools for C/C++, Java, and Python languages and relevant frameworks.
Our commitment to you!
BMC's culture is built around its people. We have 6000+ brilliant minds working together across the globe. You won't be known just by your employee number, but for your true authentic self. BMC lets you be YOU!
If after reading the above, You're unsure if you meet the qualifications of this role but are deeply excited about BMC and this team, we still encourage you to apply! We want to attract talents from diverse backgrounds and experience to ensure we face the world together with the best ideas!
BMC is committed to equal opportunity employment regardless of race, age, sex, creed, color, religion, citizenship status, sexual orientation, gender, gender expression, gender identity, national origin, disability, marital status, pregnancy, disabled veteran or status as a protected veteran. If you need a reasonable accommodation for any part of the application and hiring process, visit the accommodation request page.
BMC Software maintains a strict policy of not requesting any form of payment in exchange for employment opportunities, upholding a fair and ethical hiring process.At BMC we believe in pay transparency and have set the midpoint of the salary band for this role at 1,638,100 INR. Actual salaries depend on a wide range of factors that are considered in making compensation decisions, including but not limited to skill sets; experience and training, licensure, and certifications; and other business and organizational needs.
The salary listed is just one component of BMC's employee compensation package. Other rewards may include a variable plan and country specific benefits.
We are committed to ensuring that our employees are paid fairly and equitably, and that we are transparent about our compensation practices.
(Returnship@BMC)
Had a break in your career? No worries. This role is eligible for candidates who have taken a break in their career and want to re-enter the workforce. If your expertise matches the above job, visit to https://bmcrecruit.avature.net/returnship know more and how to apply.
CA-SG
Apply on company website
Find Connections via Linkedin
