Description

About Company:

Rubrik, Inc. (NYSE: RBRK), a leader in Zero Trust Data Security™, is seeking a Penetration Testing Engineer to join its Information Security team in Bangalore, India. Rubrik secures data across enterprise, cloud, and SaaS environments, enabling business resilience against cyberattacks and operational disruptions.

The Information Security team at Rubrik drives proactive measures to enhance Rubrik’s security posture, developing tools and processes for secure software development, robust monitoring, and effective incident response.

About the Role:

As a Penetration Tester, you’ll simulate real-world attack scenarios to identify vulnerabilities, assess security posture, and help design strategies to defend against cyber threats. You will work closely with vulnerability management engineers, engineering, IT, and other teams to strengthen Rubrik’s security.

Key Responsibilities include:

• Design and execute real-world attack simulations replicating threat actor tactics, techniques, and procedures (TTPs) to identify vulnerabilities in Rubrik’s products and enterprise infrastructure
• Plan, execute, and report on penetration tests for Rubrik’s products, services, and internal systems
• Continuously develop and refine exploitation techniques to enhance penetration testing effectiveness
• Prepare detailed technical reports and communicate findings to stakeholders, assisting in mitigation planning
• Assist with security investigations, root-cause analyses, and corrective measures as needed
• Collaborate with the security researcher community and manage vulnerability disclosures and resolutions
• Drive vulnerabilities to closure within established service-level agreements (SLAs), escalating issues when required
• Contribute to enhancing Rubrik’s penetration testing methodologies, documentation, and engagement reports
• Track key metrics for scaling the penetration testing program and increasing coverage and depth
• Stay updated on emerging threats, new attack techniques, and defense technologies to proactively recommend security improvements

Key Technical Skills:

Penetration testing, Red teaming, Vulnerability exploitation, Security tools, Windows & Linux internals, Cloud security, Application security, Security frameworks

Requirements:

• Bachelor’s degree in Computer Science, Information Technology, or a related field (BE/BTech or MS preferred)
• 2-4 years of practical experience in penetration testing, red team operations, vulnerability exploitation, product security, or cloud security
• Strong technical proficiency in executing cyberattacks with or without automated tools such as Burp Suite, Metasploit, Nmap, Wireshark, etc.
• Deep understanding of operating system internals (Windows, Linux) and cloud security principles across AWS, Azure, or GCP
• Knowledge of exploit frameworks, evasion techniques, and application security best practices
• Familiarity with key security standards and frameworks, including OWASP Top 10, NIST, and CIS
• Programming skills in one or more languages: Python, Perl, Ruby, or Java
• Relevant security certifications such as OSCP, OSCE, GPEN, GWAPT, GXPN are a plus
• Excellent problem-solving abilities and strong analytical skills
• Effective communication skills for delivering findings and recommendations
• Ability to work both independently and as part of a team in a fast-paced, dynamic environment