Application Security Engineer - Penetration Testing
Hungry. Humble. Honest.
Our values form the foundation of who we are and how we operate every day around the world. They show up in our ambition to achieve our dreams, our courage to do what matters, and our tenacity to keep customers happy. At Nutanix, we prize those unique individuals who demonstrate empathy, respect differences, and appreciate others. If you’re authentic, credible and transparent—someone who walks your talk and thrives on collaboration—we want you to join our team!
Be a part of building a company that is truly leading an IT revolution. We make infrastructure invisible, elevating IT to focus on the applications and services that power their business. Led by Dheeraj Pandey, one of CRN’s “Top 25 Innovators of 2016,” Nutanix welcomes big thinkers and budding entrepreneurs, those who are unafraid to take on seemingly impossible challenges and interested in learning how to build a business along the way.
Nutanix employees enjoy some amazing benefits and perks: healthcare, plenty of snacks, employee (and family) events, world renowned speakers, training and development, and much more. See what life is like at Nutanix by following us on Twitter: @NutanixCareers and Instagram: @Nutanix
Roles and Responsibilities
- Flexible and Adaptable: able to work in ambiguous situations.
- You'll be trusted to conduct security assessments from start to finish. Depending on the project you may perform white, black, or grey box assessments and may develop proof of concept code to demonstrate the severity of findings.
- Experience in performing static and dynamic analysis on web applications, API’s, and dynamic analysis on Infrastructure networks and services.
- Work with product teams to coordinate penetration testing and help them with standard possible mitigations.
- Deep understanding of cyber-security threats, vulnerabilities, security controls and remediation strategies in global enterprise environments.
- Fluent in common cybersecurity domains such as cloud security, encryption, AuthN and AuthZ, application security, penetration tests, vulnerability management, threat intelligence.
- Triaging security defects found with external pentesting/ hacker one forum.
- Experience with port scanning, vulnerability assessment and fuzzing using open source and commercial pen test tools.
- Able to conduct in-house sessions, presentations, Hackathons about security/pen test to internal team members/Development team.
- Proficient with one of the scripting languages such as bash, python, ruby etc. is a plus.
- Experienced in exploiting the web application attacks and remediating the identified attacks with the help of the development teams.
- Understanding of PKI infrastructure.
- Experienced with cloud computing technologies, virtualization and configuration of IaaS, PaaS and SaaS environments and associated software development environments using Microsoft Azure and/or AWS
- Proficient with container systems like Docker and container orchestrators like Kubernetes.
- Ability to perform secure configuration reviews on IAAS and PAAS solutions like AWS cloud infra and Kubernetes respectively.
- Certifications from SANS, Offensive Security (OSCP, OSWE, OSEP), eLearn security, is a plus.
Nutanix is an equal opportunity employer.
The Equal Employment Opportunity Policy is to provide fair and equal employment opportunity for all associates and job applicants regardless of race, color, religion, national origin, gender, sexual orientation, age, marital status, or disability. Nutanix hires and promotes individuals solely on the basis of their qualifications for the job to be filled.
Nutanix believes that associates should be provided with a working environment that enables each associate to be productive and to work to the best of his or her ability. We do not condone or tolerate an atmosphere of intimidation or harassment based on race, color, religion, national origin, gender, sexual orientation, age, marital status or disability.
We expect and require the cooperation of all associates in maintaining a discrimination and harassment-free atmosphere.