Penetration Testing

Description and Requirements
"At BMC trust is not just a word - it's a way of life"
Description And Requirements
CareerArc Code

CA-DN

Hybrid
"At BMC trust is not just a word - it's a way of life"
We are an award-winning, equal opportunity, culturally diverse, fun place to be. Giving back to the community drives us to be better every single day. Our work environment allows you to balance your priorities, because we know you will bring your best every day. We will champion your wins and shout them from the rooftops. Your peers will inspire, drive, support you, and make you laugh out loud

We help our customers free up time and space to become an Autonomous Digital Enterprise that conquers the opportunities ahead - and are relentless in the pursuit of innovation

BMC Helix is looking for a motivated and skilled individual to join the Product Security Group. This is a senior technical position in the team. The candidate will be responsible for engaging with various product teams on security architecture reviews, SaaS security, penetration testing.

A penetration tester plays a crucial role in safeguarding an organization's digital assets and information by proactively identifying and addressing security weaknesses. This role requires a high level of technical expertise, ethical conduct, and a commitment to continuous improvement in the field of cybersecurity.

Roles And Responsibilities

• Conduct thorough vulnerability assessments of applications and systems using various tools and techniques.
• Execute penetration tests to simulate real-world cyberattacks, identifying weaknesses and vulnerabilities.
• Provide expert guidance on application security best practices.
• Research and develop new penetration testing methodologies, tools, and techniques.

Qualifications & Skills

• 5+ years of experience in product security (web, mobile, API, cloud, infrastructure, and container security) or equivalent skillset.
• Penetration testing experience is essential; prior participation in bug bounty programs is a plus.
• Proficiency with hacking tools and penetration testing frameworks (e.g., Metasploit, Burp Suite, Nmap, Wireshark).
• Expertise in web application security testing, including knowledge of OWASP Top Ten vulnerabilities.
• Experience identifying and assessing vulnerabilities such as SQL injection, XSS, CSRF, and more.
• Proficiency in exploiting vulnerabilities to gain unauthorized access and assess attack impact.
• Understanding of vulnerability scoring systems (e.g., CVSS) for prioritizing findings.
• Ability to think creatively and analytically to identify and exploit vulnerabilities.
• Strong problem-solving skills when encountering unexpected challenges during testing.
• Excellent verbal and written communication skills for conveying technical details to both technical and non-technical stakeholders.
• Meticulous attention to detail in documenting findings and creating reports.
• Effective time management skills to meet project deadlines and testing schedules.
• High level of integrity and professionalism, with the ability to work under pressure while maintaining confidentiality.

Optional

• Hands-on technical experience with cloud security solutions for leading cloud service providers (e.g., AWS).
• Experience with secure code review (SAST) tools for languages such as C/C++, Java, and Python, and relevant frameworks.

Our commitment to you
BMC's culture is built around its people. We have 6000+ brilliant minds working together across the globe. You won't be known just by your employee number, but for your true authentic self. BMC lets you be YOU

If after reading the above, You're unsure if you meet the qualifications of this role but are deeply excited about BMC and this team, we still encourage you to apply We want to attract talents from diverse backgrounds and experience to ensure we face the world together with the best ideas

BMC is committed to equal opportunity employment regardless of race, age, sex, creed, color, religion, citizenship status, sexual orientation, gender, gender expression, gender identity, national origin, disability, marital status, pregnancy, disabled veteran or status as a protected veteran. If you need a reasonable accommodation for any part of the application and hiring process, visit the accommodation request page.

BMC Software maintains a strict policy of not requesting any form of payment in exchange for employment opportunities, upholding a fair and ethical hiring process.

At BMC we believe in pay transparency and have set the midpoint of the salary band for this role at 1,725,800 INR. Actual salaries depend on a wide range of factors that are considered in making compensation decisions, including but not limited to skill sets; experience and training, licensure, and certifications; and other business and organizational needs.

The salary listed is just one component of BMC's employee compensation package. Other rewards may include a variable plan and country specific benefits.

We are committed to ensuring that our employees are paid fairly and equitably, and that we are transparent about our compensation practices.

(

)

Had a break in your career? No worries. This role is eligible for candidates who have taken a break in their career and want to re-enter the workforce. If your expertise matches the above job, visit to know more and how to apply.