Hungry. Humble. Honest.
Our values form the foundation of who we are and how we operate every day around the world. They show up in our ambition to achieve our dreams, our courage to do what matters, and our tenacity to keep customers happy.
At Nutanix, we prize those unique individuals who demonstrate empathy, respect differences, and appreciate others. If you’re authentic, credible and transparent someone who walks your talk and thrives on collaboration we want you to join our team!
Be a part of building a company that is truly leading an IT revolution. We make infrastructure invisible, elevating IT to focus on the applications and services that power their business.
Led by Dheeraj Pandey, one of CRN’s Top 25 Innovators of 2016, Nutanix welcomes big thinkers and budding entrepreneurs, those who are unafraid to take on seemingly impossible challenges and interested in learning how to build a business along the way.
Nutanix employees enjoy some amazing benefits and perks : healthcare, plenty of snacks, employee (and family) events, world renowned speakers, training and development, and much more.
See what life is like at Nutanix by following us on Twitter : NutanixCareers and Instagram : Nutanix
The ideal candidate will :
Have a strong working, hands-on knowledge of application Penetration testing and secure development lifecycle (SDL) process.
Have experience with penetration testing, related tools and techniques. Manual testing must be an area of expertise, not simply automated scanning.
Work with product teams to coordinate penetration testing, including verification of environments and accounts and negotiation of additional access when necessary
Have experience integrating static code analysis and into penetration tests
Have experience evaluating cloud environment Secuerity, Experience with Amazon Web Services ( EC2, IAM, KMS, EMR, S3, VPC, Lambda, etc), for security vulnerabilities and integrating these findings into the pen test.
Analyse our bug bounty program, static and multifaceted application security testing.
Have interest in expanding skills to Business requirement.
An understanding of network and web related protocols (such as, TCP / IP, UDP, IPSEC, HTTP, HTTPS, routing protocols).
Have experience in Docker container technology and their security best practices Experience with both virtual and containerized computing environments.
Have understanding of application development and build practices.
Security training and outreach to internal development teams.
Have strong communication skills such that defects found during penetration tests can be communicated effectively to development teams
Run ad-hoc burp security scans of web applications and APIs that present complex authentication scenarios.
BS degree or 5+ years of information security and / or application security experience.
Seasoned experience with modern web applications frameworks and their security requirements
Strong proficiency with tools like Burp Suite Professional, nmap, zap, sqlmap, dirbuster, Kali Linux generally, and other penetration testing tools
Working knowledge of Rest API testing and related tools, including Postman
Working knowledge of json, xml, http headers and related rest api authentication / authorization approaches
Knowledge of top security flaws and resolutions as listed by OWASP, SANS, NIST, CIS.
Good to have OSCP,OSCE,OSWE but not Mandatory.
Ability to write scripts in bash, python, ruby, java and similar modern programming languages
Working knowledge of at least one cloud computing platform, such as AWS or Azure
Application and system security Assessment.