Helix - Penetration Tester
Indexed description
BMC Helix is looking for a motivated and skilled individual to join the Product Security Group. This is a senior technical position in the team. The candidate will be responsible for engaging with various product teams on security architecture reviews, SaaS security, penetration testing. A penetration tester plays a crucial role in safeguarding an organization's digital assets and information by proactively identifying and addressing security weaknesses. This role requires a high level of technical expertise, ethical conduct, and a commitment to continuous improvement in the field of cybersecurity.
Role
BMC is looking for an Penetration tester to join our amazing Product security team! Here is how, through this exciting role, YOU will contribute to BMC's and your own success:
- Conduct thorough vulnerability assessments of applications and systems using various tools and techniques.
- Execute penetration tests to simulate real-world cyberattacks, identifying weaknesses and vulnerabilities.
- Provide expert guidance on application security best practices.
- Research and develop new penetration testing methodologies, tools, and techniques.
- 5+ years of experience in product security (web, mobile, API, cloud, infrastructure, and container security) or equivalent skillset.
- Penetration testing experience is essential; prior participation in bug bounty programs is a plus.
- Proficiency with hacking tools and penetration testing frameworks (e.g., Metasploit, Burp Suite, Nmap, Wireshark).
- Expertise in web application security testing, including knowledge of OWASP Top Ten vulnerabilities.
- Experience identifying and assessing vulnerabilities such as SQL injection, XSS, CSRF, and more.
- Proficiency in exploiting vulnerabilities to gain unauthorized access and assess attack impact.
- Understanding of vulnerability scoring systems (e.g., CVSS) for prioritizing findings.
- Ability to think creatively and analytically to identify and exploit vulnerabilities.
- Strong problem-solving skills when encountering unexpected challenges during testing.
- Excellent verbal and written communication skills for conveying technical details to both technical and non-technical stakeholders.
- Meticulous attention to detail in documenting findings and creating reports.
- Effective time management skills to meet project deadlines and testing schedules.
- High level of integrity and professionalism, with the ability to work under pressure while maintaining confidentiality.
- Hands-on technical experience with cloud security solutions for leading cloud service providers (e.g., AWS).
- Experience with secure code review (SAST) tools for languages such as C/C++, Java, and Python, and relevant frameworks.
BMC Helix maintains a strict policy of not requesting any form of payment in exchange for employment opportunities, upholding a fair and ethical hiring process.
At HELIX we believe in pay transparency and have set the midpoint of the salary band for this role at 2,841,000 INR. Actual salaries depend on a wide range of factors that are considered in making compensation decisions, including but not limited to skill sets; experience and training, licensure, and certifications; and other business and organizational needs.
The salary listed is just one component of HELIX's employee compensation package. Other rewards may include a variable plan and country specific benefits.
We are committed to ensuring that our employees are paid fairly and equitably, and that we are transparent about our compensation practices.
(Returnship@BMC) Had a break in your career? No worries. This role is eligible for candidates who have taken a break in their career and want to re-enter the workforce. If your expertise matches the above job, visit to [1] https://bmcrecruit.avature.net/returnship know more and how to apply. References Visible links 1. https://bmcrecruit.avature.net/returnship
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search