Staff Security Engineer
Bengaluru, India (Office)
Cohesity
Cohesity gives you both data security and data management. Defend against ransomware with immutable backup, AI-based early threat detection, and rapid data recovery. Cohesity is on a mission to radically simplify how organizations secure and manage their data, while unlocking limitless value. As a leader in data security and management, we make it easy to secure, protect, manage and derive value from data—across the data center, edge, and cloud. At Cohesity, we're a group of builders and go-getters who are committed to doing the right thing. We encourage you to come as you are, as our differences make us stronger.
We’ve been named a Leader by multiple analyst firms and are prominently featured in the Forbes Cloud 100 and CRN’s Coolest Cloud companies.
Join us and we'll lead the way together.
Staff Security Engineer (MTS 5 or 6) - Pen Testing
About This Role:
We are actively seeking Security Engineers to join our team. As part of our Security Engineering team, you will be responsible for enabling Secure Product release at the speed of the development team, and continuously improving Cloud and SaaS posture. The role will serve as a Cloud Security specialist in the areas of cloud architecture design, cloud security, access management, security automation, logging and monitoring, endpoint security, network security, and incident handling. Working closely infrastructure and release engineering team to automate and cloud security workflow and
You will also ensure we’re in lockstep with product engineering and develop our DevSecOps-enabled security services. Engaging with other teams and communicating with stakeholders will be a regular part of the job. We’re looking for an individual who’s motivated by technology and enjoys automation and problem-solving.
Responsibilities
- Have significant hands-on penetration testing experience and offensive capabilities in numerous core competency areas, including web applications, mobile applications, networks, and multi-tier architectures or distributed systems
- Have a very in-depth understanding of exploiting OS and web services
- Threat modeling and pen testing of cloud security infrastructure and services
- Have a mature understanding of coverage and risk as an outcome of pen-testing as it relates to product security posture and business needs
- Provide guidance on short-term mitigation and effective resolutions
- Track and research the latest developments in vulnerability research
- Have the ability to develop or adapt custom tooling to solve new needs
- Build relationships with engineering teams to drive Cohesity products to a mature security state
- Perform security training and outreach to internal development tools
Requirements
- B.S. or M.S. in Computer Science, Electrical Engineering or related experience
- 7+ years of experience in web and system-services-level penetration testing
- Strong understanding of vulnerabilities, common attack vectors and how to resolve them
- Ability to quickly comprehend and digest application/systems designs
- Attacker mindset: ability to think creatively about relevant threats and attacks
- Ability to organize and lead others in a pen test through an attack plan on complex application and systems designs
- Well-rounded background in application, network, and system security
- Familiarity with public cloud platforms (preferably AWS)
- Contributions to the security community such as research, public CVEs, bug-bounty recognitions, open-source projects, and blogs or publications
- Relevant development/scripting/automation experience in C++, JavaScript, Python, Go
- Experience as a pen tester with OSCP certification and active in bug bounty
- REST API security testing for authentication and authorization
- Able to automate API Testing with Burp+Postman
- Threat Modeling and design reviews
- Deep understanding of Cloud Security fundamentals (Cloud networks and Cloud-based Systems), including cryptography and the shared responsibility model
- Experience working in a regulated environment (SOC, ISO, PCI DSS, HIPAA, etc.)
- Strong application security, system security, and infrastructure security knowledge
Data Privacy Notice for Job Candidates:
For information on personal data processing, please see our Privacy Policy.
Equal Employment Opportunity Employer (EEOE)
Cohesity is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status or any other category protected by law.
If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process, or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you may contact us at 1-855-9COHESITY or talent@cohesity.com for assistance.
COVID-19
Cohesity may require employees who enter its offices to be fully vaccinated against the COVID-19 virus and to provide documented proof thereof. Cohesity will comply with applicable law regarding the reasonable accommodation of individuals who are not vaccinated because of a sincerely held religious belief, disability or medical condition. This vaccination requirement does not apply to employees who work remotely and do not enter Cohesity offices.
Tags: APIs Application security Automation AWS C Cloud Computer Science Cryptography DevSecOps Endpoint security HIPAA JavaScript Monitoring Network security OSCP PCI DSS Pentesting PostMan Privacy Product security Python REST API SaaS Scripting SOC Vulnerabilities
Perks/benefits: Health care