Staff Pentester

5 days ago


Bengaluru Karnataka, India Cloudera Full time

Business Area:
Engineering

Seniority Level:
Mid-Senior level

Job Description:
At Cloudera, we empower people to transform complex data into clear and actionable insights. With as much data under management as the hyperscalers, we're the preferred data partner for the top companies in almost every industry. Powered by the relentless innovation of the open source community, Cloudera advances digital transformation for the world’s largest enterprises.

As a Staff Penetration Tester, you will:
- Perform manual and automated pentesting of web apps and APIs.
- Identify and exploit vulnerabilities, chaining findings for maximum impact.
- Conduct targeted assessments on internal and external networks when needed.
- Validate and document vulnerabilities with risk ratings and clear remediation guidance.
- Collaborate with developers, engineers, and product teams to advise on remediation.
- Contribute to secure SDLC initiatives and AppSec review processes.
- Create scripts to speed up testing or hand off to engineering teams.
- Stay current with new vulnerabilities, exploits, and offensive security tools.
- Review SAST and DAST findings to enhance the testing activity.
- Assist in the configuration and maintenance of SAST and DAST tools.

We’re excited about you if you have:
- Experience with tools like Burp Suite, Nmap, sqlmap, and custom scripts.
- Experience with cloud platforms (AWS, Azure, GCP).
- Familiarity with manual security source code review and CI/CD pipeline security.
- Strong knowledge of the OWASP Top 10 and common web/API vulnerabilities (e.g., Injection attacks, SSRF, auth bypass).
- Experience with Fortify, Semgrep, or Burp Enterprise.
- Knowledge of network security testing (e.g., basic AD exposure, port scanning, misconfig checks, privilege escalation techniques).
- Scripting ability in at least one language (Python, Bash, JavaScript, etc.).
- Strong communication skills, especially when reporting findings and collaborating cross-functionally.
- Certifications like OSCP, GWAPT, CEH, or eWPTX (Nice, but not required.)
- Knowledge of containers and Kubernetes security.

What you can expect from us:
- Generous PTO Policy
- Support work life balance with
- Unplugged Days
- Flexible WFH Policy
- Mental & Physical Wellness programs
- Phone and Internet Reimbursement program
- Access to Continued Career Development
- Comprehensive Benefits and Competitive Packages
- Paid Volunteer Time
- Employee Resource Groups

EEO/VEVRAA
