Penetration tester

About the team

The Information Security organization advances the overall state of security at Rubrik through purposeful initiatives and coordination of large security projects. Information Security builds technologies, tools, and processes to better enable teams at Rubrik to develop secure software and protect data and systems with appropriate security controls. Information Security also develops systems to monitor and respond to attacks against our systems, provides awareness education to teams on security best practices for data protection, and ensures data sharing relationships with third parties in order to securely protect Rubrik information.

About role

Rubrik is seeking a passionate and motivated Penetration Testing Engineer to join our Information Security team. In this role, you will work to simulate real-world attack scenarios to identify vulnerabilities, evaluate security posture, and develop methods to defend against attacks. The successful candidate will be technically savvy, customer-oriented, results-driven, and passionate about security. You will partner with the vulnerability management engineers, Engineering, IT and other internal stakeholders to enhance Rubrik's overall security posture.

What you'll Do

• Design and execute real-world attack scenarios by replicating the tactics, techniques and procedures (TTPs) of threat actors and highlight gaps impacting Rubrik's products and enterprise security posture.
• Assist with the planning, execution, and reporting of penetration tests on Rubrik's products, services, and internal systems.
• Develop and refine exploitation techniques consistently to conduct penetration testing exercises successfully.
• Deliver detailed reports of technical findings to stakeholders and assist with the development of mitigation plans.
• Assist in security investigations, root-cause analysis and corrective measures as required.
• Coordinate with the security researcher community in reviewing the identified vulnerabilities and drive the issues to closure.
• Drive vulnerabilities to closure within the established SLAs. Navigate escalations when necessary to raise visibility into risk and drive the risk down when SLAs are not met.
• Collaborate with the senior security team members to identify areas for improvement in security posture.
• Contribute to the continuous improvement of Rubrik's penetration testing framework and processes.
• Help develop and maintain testing documentation, including methodologies, procedures, and post-engagement reports.
• Track and monitor penetration testing metrics to scale the pentest program and continuously improve the coverage and depth of penetration testing.
• Stay updated with emerging security threats, innovative defense measures, and industry trends to recommend improvements proactively.

Experience you'll need

• Bachelor's degree required; BE/BTech or MS in Computer Science, Information Technology, or related field
• 2-4 years of hands-on experience in penetration testing, red team, vulnerability exploitation, product security and/or cloud security roles
• Ability to perform targeted cyberattacks with or without the use of automated tools such as (e.g., Burp Suite, Metasploit, Nmap, Wireshark, etc.).
• Experience in system internals (windows, linux) and cloud security (AWS, Azure, GCP)
• In-depth knowledge of exploit frameworks, obfuscation/evasion techniques, application security, IDS/IPS and web proxies
• Strong understanding of security best practices and frameworks (OWASP Top 10, NIST, CIS).
• Demonstrated programming skills in one or more of: Python, Perl, Ruby, Java
• IT security certifications (OSCP, OSCE, GPEN, GWAPT, GXPN) is a plus
• Strong analytical and problem-solving skills.
• Ability to work independently as well as part of a team in a fast-paced environment.
• Excellent verbal and written communication skills

Join Us in Securing the World's Data

Rubrik (RBRK), the Security and AI company, operates at the intersection of data protection, cyber resilience and enterprise AI acceleration. The Rubrik Security Cloud platform is designed to deliver robust cyber resilience and recovery including identity resilience to ensure continuous business operations, all on top of secure metadata and data lake. Rubrik's offerings also include Predibase to help further secure and deploy GenAI while delivering exceptional accuracy and efficiency for agentic applications.

Inclusion @ Rubrik

At Rubrik, we are dedicated to fostering a culture where people from all backgrounds are valued, feel they belong, and believe they can succeed. Our commitment to inclusion is at the heart of our mission to secure the world's data.

Our goal is to hire and promote the best talent, regardless of background. We continually review our hiring practices to ensure fairness and strive to create an environment where every employee has equal access to opportunities for growth and excellence. We believe in empowering everyone to bring their authentic selves to work and achieve their fullest potential.

Our inclusion strategy focuses on three core areas of our business and culture:

• Our Company: We are committed to building a merit-based organization that offers equal access to growth and success for all employees globally. Your potential is limitless here.
• Our Culture: We strive to create an inclusive atmosphere where individuals from all backgrounds feel a strong sense of belonging, can thrive, and do their best work. Your contributions help us innovate and break boundaries.
• Our Communities: We are dedicated to expanding our engagement with the communities we operate in, creating opportunities for underrepresented talent and driving greater innovation for our clients. Your impact extends beyond Rubrik, contributing to safer and stronger communities.

Equal Opportunity Employer/Veterans/Disabled

Rubrik is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

Rubrik provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Rubrik complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please contact us at if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.

---