Job Details

**The Elevator Pitch:** **_Why will you enjoy this new opportunity?_**The world is changing fast, and the security engineering space is changing even faster! Corporations, governments, schools, hospitals are in desperate need for digital transformation at a rapid pace. VMware is driving this transformation for 350,000 customers (which includes 98% of Fortune 500). The breadth of innovative technology at VMware is unmatched, providing an endless possibilities to learn, grow and flourish as you secure the products and services on cutting edge technologies. At VMware, you'll get exposure to a broad technology stack which you can break, hack, and help secure.As a Senior Security Engineer with VMware's Security, Compliance, and Privacy Engineering (SCoPE) team, you'll find security design flaws and vulnerabilities in VMware products and services, and offering potential remediation recommendations. You'll collaborate with security architects, development teams, stakeholders, and peers across the organization who work in various domains such as virtualization, software-defined networking, cloud security, and Kubernetes. If you're ready to work on securing the next big thing, we want to talk with you!**Success in the Role:** **_What are the performance outcomes over the first 6-12 months you will work toward completing?_**• Within 30 days, you'll learn the product/SaaS offering which you will help secure, the technology stack which they use, become familiar with the attack vectors in the related domain, and get accustomed to the code base, recent externally reported vulnerabilities, release cycles etc.• Within 90 days, you'll show competency in handling secure design reviews, threat model activities, scoping penetration testing and perform security testing of products/SaaS.• Within 1 year of employment, you'll handle multiple products and SaaS offerings, along with automating security test cases and finding innovative ways of identifying vulnerabilities in quick time and covering the entire blast radius.**The Work:** **_What type of work will you be doing? What assignments, requirements, or skills will you be performing on a regular basis?_**You'll apply your security engineering expertise in the product space to ...• Assess security for products and services as they evolve with new features• Using secure design framework to conduct reviews and threat modelling across products and SaaS offering to identify solutions and advise on remediation• Perform and scope for penetration testing across various domains (e.g. web, system, container, mobile, network, and cloud based technologies)• Utilize knowledge of OOPL (Java, C/C++, C#, JavaScript, GO, Python) to performance manual secure code reviews• Identify security vulnerabilities and control gaps• Provide actionable and practical mitigations to address security vulnerabilities by working closely with the development teams• Generate penetration test report• Analyze externally reported vulnerabilities• Automate repeatable security tests• Build tools in scripting languages such GO, Python, or Ruby to "break" stuff• Conduct vulnerability assessment**Preferred qualifications:**+ CTF experience+ Familiarity with SAST and DAST tools+ Public track record of security research like, CVEs, bug bounty recognition, conference presentation+ Security automation like, (not limited to) Burp suite automation, familiarity with Frida+ Opensource vulnerability assessment+ Security certifications**_What is the leadership like for this role? What is the structure and culture of the team like?_****The team is led by Madhusudan H.N. who is based in Bengaluru (Bangalore). Madhu's leadership encourages independent thinking and gives a free hand for the team to innovate. The vSECR team is distributed across the globe, in India, U.S, and Europe. We have a diverse, inclusive and open culture in the team. We encourage continuous learning, sharing of ideas, and thoughts, and growing together as a team. The team has diverse experience ranging from less than a year to more than 10 years who are passionate about product security. We, also, have a good presence of technical product managers, full stack developers, and security architects. The team is built on trust and empathy, and we celebrate each other's successes.****Where is the role located?**This role is fully remote and can be done anywhere in US.**What are the benefits and perks of working at VMware?**You and your loved ones will be supported with a competitive and comprehensive benefits package. Below are some highlights.• Employee Stock Purchase Plan• Medical Coverage, Retirement, and Parental Leave Plans for All Family Types• Generous Time Off Programs• 40 hours of paid time to volunteer in your community• Financial contributions to your personal/career development (conference participation, trainings, course work, certifications etc.)• Wellness reimbursement and online fitness and wellbeing classes**Category :** Engineering and Technology**Subcategory:** Software Engineering**Experience:** Manager and Professional**Full Time/ Part Time:** Full Time**Posted Date:** 2022-05-03VMware Company Overview: At VMware, we believe that software has the power to unlock new opportunities for people and our planet. We look beyond the barriers of compromise to engineer new ways to make technologies work together seamlessly. Our cloud, mobility, and security software form a flexible, consistent digital foundation for securely delivering the apps, services and experiences that are transforming business innovation around the globe. At the core of what we do are our people who deeply value execution, passion, integrity, customers, and community. Shape what's possible today at mware.com.Equal Employment Opportunity Statement: VMware is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: VMware is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at VMware are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. VMware will not tolerate discrimination or harassment based on any of these characteristics. VMware encourages applicants of all ages. Vmware will provide reasonable accommodation to employees who have protected disabilities consistent with local law.