Description and Requirements BMC helps customers run and reinvent their businesses in the digital age by tackling their IT management challenges, championing their innovation, and celebrating their success.Every BMC employee has the potential to have a tremendous impact on customer successand when customers thrive, we all do.BMC offers bold and fearless career-seekers like you the opportunity to expand your skills, your network, and your horizons as you work to enable customer growth and innovation every day. You will be surrounded by peers who inspire you, drive you, support you, and make you laugh out loud, in an environment that fosters individuality, respect, and personal ambition.Position Description:The Product Security Group is a central entity within BMCs CTO Office and is responsible for performing threat modeling, security reviews, penetration tests and vulnerability assessments of multiple products.Primary Roles and Responsibilities:Perform security assessments of R&D products covering application, SaaS, open sourcestacks, infrastructure, containers and cloudProvide subject matter expertise for Application Security and SaaS securityDevelop security policies, standards, procedures and guidelines related to the productsecurity and release managementImplement necessary application security measures such as secure coding and securitytestingImplement necessary security tools to test, monitor and detect security eventsImplement security controls for the public cloud (such as AWS) and support monitoring and incident detection effortsQualificationsB.E /B.Tech or M.E/M.Tech in Computer Science or Information Security or equivalent experienceExperience working in SaaS environments/cloud where security is a continuous processGood experience with web, mobile, network and API security assessmentsHands on experience with DAST, SAST tools, and security platformsAbility to find security issues in functional components and business logicGood track record of having reported vulnerabilities through bug bounty programs and responsible disclosureThorough knowledge of application security standards such as OWASP Top 10, SANS Top 25, CERT Secure Coding, NIST standards.Ability to write scripts and programs to support security automation effortsSecurity certifications are a plus (OSCP, CEH, etc.)It is the policy of BMC Software to afford equal opportunity for employment to all individuals regardless of race, color, age, national origin, physical or mental disability, history of disability, ancestry, citizenship status, political affiliation, religion, gender, transgender, gender identity, gender expression, marital status, status as a parent, sexual orientation, veteran status, genetic information or other factors prohibited by law, and to prohibit harassment or retaliation based on any of these factors
BMC helps customers run and reinvent their businesses in the digital age by tackling their IT management challenges, championing their innovation, and celebrating their success. Every BMC employee has the potential to have a tremendous impact on cus... Read More
