Description and Requirements From core to cloud to edge, BMC delivers the software and services that enable over 10,000 global customers, including 84% of the Forbes Global 100, to thrive in their ongoing evolution to an Autonomous Digital Enterprise. Position Description:
The Product Security Group is a central entity within BMC's product organization and is responsible for performing threat modeling, security reviews, penetration tests, and vulnerability assessments of multiple products.
Primary Roles and Responsibilities:
- Perform security assessments of R&D products covering application, SaaS, open-source stacks, infrastructure, containers and cloud
- Provide subject matter expertise for Application Security and SaaS security
- Develop security policies, standards, procedures and guidelines related to the product security and release management
- Implement necessary application security measures such as secure coding and security testing
- Implement necessary security tools to test, monitor and detect security events
- Implement security controls for the public cloud (such as AWS) and support monitoring and incident detection efforts
- B.E /B.Tech or M.E/M.Tech in Computer Science or Information Security or equivalent experience
- Experience working in SaaS environments/cloud where security is a continuous process
- Good experience with web, mobile, network and API security assessments
- Hands-on experience with DAST, SAST tools, and security platforms
- Ability to find security issues in functional components and business logic
- Good track record of having reported vulnerabilities through bug bounty programs and responsible disclosure
- Thorough knowledge of application security standards such as OWASP Top 10, SANS Top 25, CERT Secure Coding, NIST standards.
- Ability to write scripts and programs to support security automation efforts
- Security certifications are a plus (OSCP, CEH, etc.)
If you need a reasonable accommodation for any part of the application and hiring process, visit the accommodation request page.
- < Back to search results
Apply on company website