Description

About the Company:

BMC Software is a global leader in IT solutions, aiming to transform businesses into Autonomous Digital Enterprises. With a strong culture rooted in trust, inclusiveness, and innovation, BMC offers a collaborative environment where employees are encouraged to grow, innovate, and make meaningful contributions.

About the Role:

This is a full-time role within BMC’s Product Security Group. As a Product Developer I with a focus on penetration testing, you’ll be responsible for proactively identifying and resolving security vulnerabilities across BMC’s software products. This position is ideal for candidates with strong ethical hacking and application security experience.

Responsibilities:

• Conduct thorough vulnerability assessments on applications, cloud systems, and infrastructure.
• Perform penetration tests simulating real-world cyberattacks.
• Provide expert input on application and cloud security best practices.
• Develop and implement new testing methodologies and tools.
• Collaborate with cross-functional teams for security reviews and guidance.
• Document findings with attention to detail and communicate them clearly to both technical and non-technical stakeholders.

Key Technical Skills:

Penetration testing, Metasploit, Burp Suite, Nmap, Wireshark, OWASP Top 10, SQL injection, XSS, CSRF, vulnerability scoring (CVSS), AWS, SAST tools, C/C++, Java, Python

Requirements:

• Minimum 2 years of experience in product security or equivalent areas (web, mobile, API, cloud, infrastructure, containers).
• Proven hands-on experience in penetration testing.
• Proficient with common hacking tools and frameworks like Metasploit, Burp Suite, Nmap, Wireshark.
• Strong knowledge of application security testing techniques.
• Ability to identify and exploit vulnerabilities (e.g., SQLi, XSS, CSRF).
• Understanding of CVSS for prioritizing security issues.
• Strong communication, problem-solving, and documentation skills.
• High professional integrity, with the ability to maintain confidentiality and work under pressure.
• Optional: experience in cloud security (AWS), secure code review tools (SAST), and bug bounty programs.

Company Culture & Benefits:

BMC is an equal opportunity employer offering competitive salaries, performance-based incentives, benefits starting on day one, and career re-entry support through its Returnship@BMC program. The company values diversity, work-life balance, and community involvement.