Senior Pen Tester

Overview

Join a High-Performance Culture That Drives Innovation and Excellence. At Vertiv , we don’t just hire talent — we cultivate leaders who drive innovation and engage teams to push the limits of what’s possible. As a global leader in critical digital infrastructure , we are scaling up to meet the demands of AI, datacenters, and next-gen technology — and we need bold, high-performing individuals like you to take us to the next level.

Why Vertiv?

• High-Performance Culture: We empower you to think big, execute with excellence, and deliver impact . Our performance-driven mindset rewards those who challenge the status quo and drive meaningful change. Over 50 CEO Awards are given annually to recognize top talent moving the needle forward.

• Leadership Without Limits: Leadership at Vertiv goes beyond titles — it’s about accountability, trust, and ownership . Our leaders engage and drive with collaboration, innovation, and customer-centric thinking , laying the foundation for an action-focused culture .

• Limitless Growth & Learning: We believe in continuous development. Through rotational programs or high-impact projects , you’ll have the opportunity to expand your expertise and grow your career .

• A Place for Everyone: Our commitment to Inclusion ensures that all employees’ unique strengths and perspectives are valued. Your voice matters, your growth is prioritized, and your success is celebrated .

Position Summary:

The Senior Pen Tester is responsible for conducting security pen testing, monitoring, and auditing within a dynamic global organization. The products under test include embedded devices and cloud services (AWS/Azure). Some engagements are white-box, others are fully black-box. A successful Senior Pen Tester will evaluate weaknesses in design and implementation and focus on those gaps. Findings must be clearly documented and relayed to the design team for mitigation. The Senior Pen Tester should be versatile in attack vectors and knowledgeable across a broad range of devices from small embedded systems to large cloud ecosystems. The role interfaces with engineering teams to conduct security testing and auditing, ensuring security expectations are met across the global organization. The candidate should stay current with the latest threats and attack vectors and communicate findings clearly to a broad audience. This position is primarily based in Pune, India, and will operate under the guidance of global security processes and support regional and global engineering groups. The testing methodology should be enhanced by the Senior Pen Tester, who will develop internal testing processes and procedures.

• Conduct security evaluations and threat assessments of embedded systems, mobile applications, and web applications
• Research to identify new vulnerabilities and enhance existing capabilities
• Identify and assess weaknesses in security protections and bypass methods when appropriate
• Perform data bus monitoring (snooping) and data injection where applicable
• Analyze communications protocols in embedded products and applications
• Assess wireless communications channels for snooping and data injection
• Reverse engineer complex systems and protocols
• Create detailed technical reports and proof-of-concept code to document findings
• Plan and execute testing activities, including requirements, resources, and timelines
• Engage with engineering groups to discuss testing needs and progress and provide detailed analyses
• Provide mentorship and direction on testing activities for junior resources and drive continuous improvement in testing processes
• Ensure adherence to Vertiv Secure requirements, Vulnerability Management, and Incident Response processes
• Leverage practical skills such as functional analysis, memory image capture, static memory analysis, and data element extraction

• Bachelor’s degree in information technology, Computer Science, or related engineering field is highly desirable
• Advanced security qualifications such as CISSP or OSWE or equivalent preferred
• Eight or more years of experience in information, application, and embedded product security and/or IT risk management with a focus on security, performance, and reliability
• Solid understanding of security protocols, cryptography, authentication, authorization, and security
• Experience implementing security solutions and understanding IT risks
• Ability to interact with a broad cross-section of personnel to articulate and enforce security measures
• Excellent written and verbal communication skills and business acumen
• Strong leadership, vision, and goal-oriented mindset
• Ability to establish partnerships and influence change within a dynamic environment
• Contributions to the development lifecycle of an application, product, or service
• Hands-on real-time embedded C/C++ development experience with target hardware

• Understanding and development experience of embedded systems/software and web-based applications
• Linux network device driver/data-path performance exposure
• Familiarity with low-level development and analysis tools (compilers, debuggers, disassemblers)
• Exposure to binary analysis tools (IDA Pro, WinDbg, BinWalk, Valgrind, PIN, Panda, S2E)
• Experience with hacking tools and techniques (memory corruption, protocol poisoning, malware, etc.)
• Experience with UNIX kernel internals and Windows internals
• Ability to read and understand x86 and/or ARM assembly
• Program analysis techniques (taint analysis, symbolic execution, dynamic instrumentation)
• Understanding of cryptographic algorithms and protocols and related weaknesses
• Ability to extract software/firmware from hardware
• Experience with Git (GitHub or GitLab) and network protocol knowledge
• Experience with microcontroller tools and debugging interfaces
• Exposure to Layer 2/3 networking, QoS, and security concepts (firewalls, DPI, IDS/IPS)
• Knowledge of malware/botnet exploits targeting embedded systems
• Operating system knowledge for Windows, Linux, Android, and iOS
• Understanding of the boot process and boot loaders

The successful candidate will embrace Vertiv’s Core Principles & Behaviors to help execute our Strategic Priorities. Our Core Principles include Safety, Integrity, Respect, Teamwork, Diversity & Inclusion. Our Strategic Priorities are Customer Focus, Operational Excellence, High-Performance Culture, Innovation, and Financial Strength. Our Behaviors include Think Big and Execute, Act With Urgency, Own It, Drive Continuous Improvement, Promote Transparent and Open Communication, Learn and Seek Development, Foster a Customer-First Mindset, and Lead by Example.