Associate Product Security - Penetration Testing

Basic Information







Date Published:


Job ID:



You may occasionally be required to travel for business

Description and Requirements


"At BMC trust is not just a word - it's a way of life!" 

We are an award-winning, equal opportunity, culturally diverse, fun place to be. Giving back to the community drives us to be better every single day. Our work environment allows you to balance your priorities, because we know you will bring your best every day. We will champion your wins and shout them from the rooftops. Your peers will inspire, drive, support you, and make you laugh out loud!  

We help our customers free up time and space to become an Autonomous Digital Enterprise that conquers the opportunities ahead - and are relentless in the pursuit of innovation! 
BMC Software is looking for a motivated and skilled individual to join the Product Security Group. This is a senior technical position in the team. The candidate will be responsible for engaging with various product teams on security architecture reviews, SaaS security, penetration testing. 

A penetration tester plays a crucial role in safeguarding an organization's digital assets and information by proactively identifying and addressing security weaknesses. This role requires a high level of technical expertise, ethical conduct, and a commitment to continuous improvement in the field of cybersecurity. 

Roles and Responsibilities: 

  • You will be conducting thorough vulnerability assessments of applications and systems using various tools and techniques. 
  • You will be executing penetration tests to simulate real-world cyberattacks. 
  • You will provide subject matter expertise for application security  
  • You will be researching and developing new penetration testing methodologies/tools. 


  • 2+ years of experience in product security (combination of web, mobile, API, cloud, infrastructure and container security) or equivalent skillset. Experience with penetration testing is a must requirement. Prior participation in bug bounty programs is a big plus.
  • Familiarity with various hacking tools and penetration testing frameworks (e.g., Metasploit, Burp Suite, Nmap, Wireshark).
  • Expertise in web application security testing, including knowledge of OWASP Top Ten vulnerabilities. Proficiency in assessing web applications for common vulnerabilities like SQL injection, XSS, CSRF, and more.
  • Proficiency in exploiting vulnerabilities to gain unauthorized access and assess the impact of attacks and understanding of vulnerability scoring systems (e.g., CVSS) to prioritize findings.
  • Ability to think creatively and analytically to identify and exploit vulnerabilities. Effective problem-solving skills when encountering unexpected challenges during testing.
  • Strong verbal and written communication skills to effectively convey technical information to both technical and non-technical stakeholders. Meticulous attention to detail when conducting tests and documenting findings.
  • Effective time management skills to meet project deadlines and testing schedules.
  • Integrity, professionalism, and the ability to work under pressure and maintain confidentiality. 
Good to Have:
  • Hands-on technical experience designing and implementing security solutions for leading cloud service providers e.g., AWS.
  • Experience with secure code review (SAST) tools for C/C++, Java, and Python languages and relevant frameworks. 

Our commitment to you! 


BMC’s culture is built around its people. We have 6000+ brilliant minds working together across the globe. You won’t be known just by your employee number, but for your true authentic self. BMC lets you be YOU! 


If after reading the above, You’re unsure if you meet the qualifications of this role but are deeply excited about BMC and this team, we still encourage you to apply! We want to attract talents from diverse backgrounds and experience to ensure we face the world together with the best ideas! 


BMC is committed to equal opportunity employment regardless of race, age, sex, creed, color, religion, citizenship status, sexual orientation, gender,  gender expression,  gender identity, national origin, disability, marital status, pregnancy, disabled veteran or status as a protected veteran.  If you need a reasonable accommodation for any part of the application and hiring process, visit the accommodation request page.

BMC Software maintains a strict policy of not requesting any form of payment in exchange for employment opportunities, upholding a fair and ethical hiring process.
The annual base salary range represents the low and high end of the BMC salary range for this position. Actual salaries depend on a wide range of factors that are considered in making compensation decisions, including but not limited to skill sets; experience and training, licensure, and certifications; and other business and organizational needs.

The range listed is just one component of BMC's employee compensation package. Other rewards may include a variable plan and country specific benefits.
At BMC, it is not typical for an individual to be hired at /near the top of the range. A reasonable estimate of the current range is INR 875,250 - INR 1,458,750.


Had a break in your career? No worries. This role is eligible for candidates who have taken a break in their career and want to re-enter the workforce. If your expertise matches the above job, visit to know more and how to apply.

Min salary


Max salary