Penetration tester / Security Analyst x1

Company Description

BETSOL is a cloud-first digital transformation and data management company offering products and IT services to enterprises in over 40 countries. BETSOL team holds several engineering patents, is recognized with industry awards, and BETSOL maintains a net promoter score that is 2x the industry average.

BETSOL’s open source backup and recovery product line, Zmanda (Zmanda.com), delivers up to 50% savings in total cost of ownership (TCO) and best-in-class performance.

BETSOL Global IT Services (BETSOL.com) builds and supports end-to-end enterprise solutions, reducing time-to-market for its customers.

BETSOL offices are set against the vibrant backdrops of Broomfield, Colorado and Bangalore, India.

We take pride in being an employee-centric organization, offering comprehensive health insurance, competitive salaries, 401K, volunteer programs, and scholarship opportunities. Office amenities include a fitness center, cafe, and recreational facilities.

We are looking for a penetration tester, to join our security organization and work in collaboration with the software engineering teams, infrastructure, and product teams to create and maintain our solutions secure.

Key Responsibilities

• Perform penetration testing of new and existing environments and products – Web applications, Infrastructure and thick clients
• Writing formal penetration testing reports to both technical and non-technical audiences
• Presenting findings and remediations to the system owners
• Documenting and improving our penetration testing process.
• Identify vulnerabilities in public cloud offers (GCP, Azure and AWS)
• Research emerging security vulnerabilities and the applicability within our realm
• Take technical lead on security related topics
• Support in source code review efforts
• Triage and validate findings from our bug bounty program
Support red teaming exercises as required

Qualifications

Requirements

• 3-5 years of professional experience penetration testing or Application security.
• Understanding of multiple platforms, operating systems, software, communications, and network protocols
• Experience with scripting and development languages (ie. Python, PowerShell, JavaScript, and C#)
• Proficient in common attack tools, vulnerability assessment and static inspection tools.
• Experience using secure development frameworks (ie. OWASP Top 10, SANS Top 25 and Microsoft SDL).
• Ability to communicate with both technical and non-technical stakeholders.
• Industry related certifications is a plus (OSCP or eWPT)