Senior Penetration Test Engineer - OSCP, OSEP or OSWE Certification is a must

SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as a leading partner-first company, ensuring our partners and their customers are never alone in the fight against cybercrime. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides relentless security against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

Key responsibilities:

 Perform advanced penetration testing on SonicWall products including firewalls, firmware, cloud platforms and web applications.
•    Conduct manual and automated security assessments to identify vulnerabilities in embedded systems and network devices.
•    Support PSIRT vulnerability triage, responsible disclosure and vulnerability coordination with external researchers.
•    Conduct secure code reviews for C/C++, Python and embedded firmware components.
•    Participate in security design reviews and provide recommendations during development lifecycle.
•    Test APIs, web interfaces and management consoles for security weaknesses.
•    Perform firmware analysis, reverse engineering, and exploit development to validate vulnerabilities.
•    Identify and validate CVEs, publicly know vulnerabilities and provide clear technical reports.
•    Work closely with PSIRT, engineering and product teams to reproduce and remediate security issues.
•    Develop and maintain penetration testing tools, scripts and automation frameworks.
•    Perform attack surface analysis for new and existing products.
•    Evaluate authentication, encryption and access control mechanisms in products.
•    Research new attack techniques, exploits and emerging threats relevant to SonicWall products and services.
•    Validate fixes and perform regression security testing for patched vulnerabilities.
•    Produce clear vulnerability reports including risk impact, exploitation steps and remediation guidance.

Required Qualifications: 

• University degree in the field of computers or engineering and/or 6 years equivalent work experience.
• Demonstrable experience in advanced penetration testing on firewalls, firmware, cloud platforms and web applications..
• Extensive knowledge of tools such as Kali, Nmap, Nessus, Metasploit, Acunetix, etc..
• 2+ years’ experience of Professional Web-Application Development or Source Code Review (C/C++, C#, ASP, PHP, or Java).
• Proven analytical skills and technical competence.
• Highly self-motivated and directed.

Recommended Certifications:
- OSCP (Offensive Security Certified Professional)
- OSWE (Offensive Security Web Expert)
- OSEP (Offensive Security Experienced Penetration Tester)

#LI-DS9

#LI-Bangalore

#LI-Hybrid

SonicWall is an equal opportunity employer.  

We are committed to creating a diverse environment and are an equal opportunity employer. All qualified applicants receive consideration for employment without regard to race, color, ethnicity, religion, sex, gender, gender identity and expression, sexual orientation, national origin, disability, age, marital status, veteran status, pregnancy, or any other basis prohibited by applicable law.

At SonicWall, we pride ourselves on recruiting a diverse mix of talented people and providing active security solutions in 100+ countries.

Applicant Privacy Notice