Information Security Engineer(5-8 years of experience)
- Bangalore, India
The Elevator Pitch:
You are the cool kid who gets paid to break into networks, systems, and applications legally. Along the way, you may make use of any open-source penetration tools or you may design some of these tools yourself. Your work helps VMware to become more secure against potential cyber-attacks and has a significant impact on security risk to VMware and its customers.
What is the primary need, technical challenge, and/or problem you will be responsible for?
With our growth of technology offerings and cloud services footprint, we must increase penetration testing in order to discover existing vulnerabilities and logic flaws that may be hidden in VMware applications and infrastructures. You will be part of the Red team to conduct security tests, review findings, and suggest corrective actions with the concerned teams and management.
Success in the Role: What are the performance goals over the first 6-12 months you will work toward completing?
- You will assess and approve firewall change requests within SLA
- You will validate and provide risk assessment on security issues reported by external researchers within 48 hours
- You will conduct application and infrastructure penetration tests independently
- You will provide remediation support on penetration test findings
What type of work will you be doing? What assignments, requirements, or skills will you be performing on a regular basis?
- Perform security testing to identify weaknesses and countermeasures and providing timely assessment reports to key stakeholders
- Conduct attack surface reviews and recommend layered defenses to prevent exploits, detect and intercept attacks, and discover threat agents
- Perform complex security test data analysis in support of security vulnerability assessment processes, including root cause analysis
- Monitor vulnerability disclosure mailing lists and threat intelligence feeds to identify and triage new threats and vulnerabilities targeting VMware
- Serve as an escalation point on issues, dependencies, and risks related to security testing and vulnerability management.
What is the leadership like for this role? What is the structure and culture of the team like?
The hiring manager for this role is Peter Chen, Senior Manager of Red Team. Peter has 15 years' experience in a variety of roles in information security. He started his career as a software engineer from developing low-level device drivers to 3-tiers web applications. He then took his engineering background to the information security field where he focused on data loss prevention, vulnerability management, and penetration testing.
Peter's management philosophy is about encouraging everyone on the team to be an independent thinker and working smart instead of working long. Currently, the Red team is made up of 5 highly skilled pen testers who come from diverse technical backgrounds, but have a common passion for finding security weaknesses in VMware infrastructures and applications.
What are the benefits and perks of working at VMware?
You and your loved ones will be supported with a competitive and comprehensive benefits package. Below are some highlights, or you can view the complete benefits package by visiting www.benefits.vmware.com.
- Employee Stock Purchase Plan
- Medical Coverage, Retirement, and Parental Leave Plans for All Family Types
- Generous Time Off Programs
- 40 hours of paid time to volunteer in your community
- Rethink's Neurodiversity program to support parents raising children with learning or behavior challenges, or developmental disabilities
- Financial contributions to your ongoing development (conference participation, trainings, course work, etc.)
- Healthy and local inspired snacks in all our on-site pantries
VMware is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: VMware is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at VMware are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. VMware will not tolerate discrimination or harassment based on any of these characteristics. VMware encourages applicants of all ages. VMware will provide reasonable accommodation to employees who have protected disabilities consistent with local law.
Back to top