Member of Technical Staff - Bengaluru, India - Nutanix

Description

The Opportunity

Are you a skilled cybersecurity professional with experience of conducting comprehensive security assessments and crafting proof of concept code? If so, join our team as a Security Assessment Engineer, which would provide you with the opportunity to work on a range of assessments across various domains such as web, cloud, network, systems, and configurations, allowing you to showcase your expertise and contribute to enhancing overall security measures within the organization. Engineering / R&D at Nutanix The Internal Pentest Product Security team at Nutanix is dedicated to safeguarding our products through rigorous security assessments. Our mission is to conduct comprehensive evaluations across various domains including Web, APIs, Network, Cloud, Containers, Kubernetes, and distributed systems. Committed to upholding the highest standards of security, we meticulously analyze and fortify our products against potential vulnerabilities. Our team serves as the frontline defense, ensuring that Nutanix products remain resilient in the face of evolving threats. Join us in our pursuit to secure the future of technology. Your Role

Execute thorough security analyzes on various fronts, including web applications (encompassing manual code reviews and Pentesting), infrastructure networks, containers, and platform services.

Collaborate closely with product teams to orchestrate security assessments and furnish guidance on standard mitigation strategies, leveraging a nuanced comprehension of risks and the viability of proposed mitigations.

Attain a deep understanding of products through scoping calls, design documents, and perusal of the codebase.

Demonstrate proficiency in automation and scripting where necessary to streamline processes

What You Will Bring

Bachelor's or Master's degree (BE/BTech/ME/MTech) in Computer Science or equivalent.

Profound expertise in cybersecurity threats, vulnerabilities, security controls, and remediation strategies.

Fluent command over common cybersecurity domains such as cloud security, encryption, authentication, authorization, application security, network security, and automation, along with proficiency in code reviews.

Hands-on experience in scripting and automation, preferably with knowledge in Python, Go, or Java.

A holistic understanding of product design is imperative, transcending basic Pentesting to encompass business logic flaws and design vulnerabilities.

Ability to comprehend and evaluate PKI and trust systems during security assessments.

Proficiency in at least one cloud platform, either AWS or Azure, is essential.

Experience with container technologies is crucial, with a preference for familiarity with Kubernetes.

Solid understanding of Single Sign-On (SSO) systems such as OAuth, OIDC, and SAML.

Possession of hands-on security certifications is advantageous.

About the Team Meet Rajneesh Hello, I'm Rajneesh. It's been an incredible journey being a part of Nutanix for over 6 years now, contributing significantly to its security efforts. With nearly 14 years of industry experience under my belt, I bring a wealth of knowledge and expertise to the table. I'm deeply passionate about fostering a positive company culture and believe in creating an environment where every team member feels valued and empowered. What The Team Says
Our team embodies a culture of collaboration, empowerment, and results-driven focus. We prioritize establishing an environment where each team member feels valued and supported, fostering open communication and promoting constructive feedback. This culture of ours thrives on a dedication to continuous learning and the sharing of knowledge, which not only enhances our problem-solving capabilities but also fortifies our unity as a cohesive unit.
Moreover, we place significant emphasis on comprehensively understanding the applications we work with to achieve superior outcomes and ensure their security remains robust. How We Work
Our team operates under a hybrid model, with members typically spending 2-3 days a week in the office, tailored to individual availability and preferences. This setup allows for a blend of in-person collaboration and remote flexibility, ensuring optimal productivity.
We prioritize knowledge sharing and continuous learning, actively seeking out opportunities to expand our skills and stay updated on industry trends. This proactive approach fosters a culture of innovation and growth within the team, enhancing our collective expertise and problem-solving capabilities.
--