Senior Penetration Test Engineer (OSCP/OSEP/OSWE Preferred)
Location: Bengaluru, Karnataka, India
Department: Security Testing
SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as a leading partner-first company, ensuring our partners and their customers are never alone in the fight against cybercrime. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides relentless security against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.
Key responsibilities:
Perform advanced penetration testing on SonicWall products including firewalls, firmware, cloud platforms and web applications.
• Conduct manual and automated security assessments to identify vulnerabilities in embedded systems and network devices.
• Support PSIRT vulnerability triage, responsible disclosure and vulnerability coordination with external researchers.
• Conduct secure code reviews for C/C++, Python and embedded firmware components.
• Participate in security design reviews and provide recommendations during development lifecycle.
• Test APIs, web interfaces and management consoles for security weaknesses.
• Perform firmware analysis, reverse engineering, and exploit development to validate vulnerabilities.
• Identify and validate CVEs, publicly know vulnerabilities and provide clear technical reports.
• Work closely with PSIRT, engineering and product teams to reproduce and remediate security issues.
• Develop and maintain penetration testing tools, scripts and automation frameworks.
• Perform attack surface analysis for new and existing products.
• Evaluate authentication, encryption and access control mechanisms in products.
• Research new attack techniques, exploits and emerging threats relevant to SonicWall products and services.
• Validate fixes and perform regression security testing for patched vulnerabilities.
• Produce clear vulnerability reports including risk impact, exploitation steps and remediation guidance.
Required Qualifications:
- University degree in the field of computers or engineering and/or 6 years equivalent work experience.
- Demonstrable experience in advanced penetration testing on firewalls, firmware, cloud platforms and web applications..
- Extensive knowledge of tools such as Kali, Nmap, Nessus, Metasploit, Acunetix, etc..
- 2+ years’ experience of Professional Web-Application Development or Source Code Review (C/C++, C#, ASP, PHP, or Java).
- Proven analytical skills and technical competence.
- Highly self-motivated and directed.
Recommended Certifications:
- OSCP (Offensive Security Certified Professional)
- OSWE (Offensive Security Web Expert)
- OSEP (Offensive Security Experienced Penetration Tester)
#LI-DS9
#LI-Bangalore
#LI-Hybrid
SonicWall is an equal opportunity employer.
We are committed to creating a diverse environment and are an equal opportunity employer. All qualified applicants receive consideration for employment without regard to race, color, ethnicity, religion, sex, gender, gender identity and expression, sexual orientation, national origin, disability, age, marital status, veteran status, pregnancy, or any other basis prohibited by applicable law.
At SonicWall, we pride ourselves on recruiting a diverse mix of talented people and providing active security solutions in 100+ countries.
There are more than 50,000 engineering jobs:
Subscribe to membership and unlock all jobs
Engineering Jobs
60,000+ jobs from 4,500+ well-funded companies
Updated Daily
New jobs are added every day as companies post them
Refined Search
Use filters like skill, location, etc to narrow results
Become a member
🥳🥳🥳 452 happy customers and counting...
Overall, over 80% of customers chose to renew their subscriptions after the initial sign-up.
To try it out
For active job seekers
For those who are passive looking
Cancel anytime
Frequently Asked Questions
- We prioritize job seekers as our customers, unlike bigger job sites, by charging a small fee to provide them with curated access to the best companies and up-to-date jobs. This focus allows us to deliver a more personalized and effective job search experience.
- We've got over 200,000 jobs from 15,000+ vetted companies. No fake or sleazy jobs here!
- We aggregate jobs from 15,000+ companies' career pages, so you can be sure that you're getting the most up-to-date and relevant jobs.
- We're the only job board *for* software engineers, *by* software engineers… in case you needed a reminder! We add thousands of new jobs daily and offer powerful search filters just for you. 🛠️
- Every single hour! We add 2,000-3,000 new jobs daily, so you'll always have fresh opportunities. 🚀
- Typically, job searches take 3-6 months. EchoJobs helps you spend more time applying and less time hunting. 🎯
- Check daily! We're always updating with new jobs. Set up job alerts for even quicker access. 📅
What Fellow Engineers Say