ARCHIVED
This job listing has been archived and is no longer accepting applications.
MisuJob - AI Job Search Platform MisuJob
Login Sign Up

Penetration Testing Staff Engineer - 5+ yrs

Sonicwall

Bengaluru, Karnataka, India (Bangalore) Remote permanent

Posted: November 20, 2025

Interested in this position?

Create a free account to apply with AI-powered matching

Register to Apply

Required Skills

Penetration Testing Vulnerability analysis ExploitDevelopment Firmware Debugging Binary Analysis Web Security Firmware-Updates Vulnerability Disclosure Development Tools

Job Description

SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as a leading partner-first company, ensuring our partners and their customers are never alone in the fight against cybercrime. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides relentless security against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

Department: Product Security / PSIRT

Overview

As a Staff Penetration Tester within the SonicWall PSIRT, you will assess the security of SonicWall’s web applications, firmware, and network security products. This hands-on technical role involves performing end-to-end vulnerability assessments, penetration testing and coordinated vulnerability research across SonicWall’s full product ecosystem.

Key Responsibilities:

Penetration Testing & Vulnerability Assessment

• Perform manual and automated penetration testing across web applications, firmware, and network appliances.

• Identify, exploit, and document vulnerabilities across diverse layers — from web interfaces to embedded firmware and network protocols.

• Conduct vulnerability scanning of SonicWall products, VMs, servers, and backend systems

• Execute firmware and binary analysis using tools such as IDA Pro, Ghidra, and binwalk to uncover low-level security flaws.

• Perform web and API pen testing targeting OWASP Top 10 and emerging web vulnerabilities (e.g., SSRF, deserialization, logic flaws).

• Assess firmware update mechanisms, cryptographic implementations, and secure boot processes for tampering or privilege escalation risks.

• Prepare detailed vulnerability reports including exploit paths, root cause analysis, and recommended remediations.

• You will collaborate closely with engineering, QA, and development teams to identify, validate, and mitigate vulnerabilities — ensuring SonicWall products meet the highest standards of security and resilience.

• Support PSIRT investigations, including triage of internally discovered and externally reported vulnerabilities.

• Contribute to tooling, automation, and scripts that enhance penetration testing efficiency and coverage.

• Conduct independent research on novel web, network, and firmware vulnerabilities.

• Develop internal methodologies and knowledge base for consistent test execution across product domains.

Required Qualifications

• Bachelor’s degree in Computer Science, Cybersecurity, Computer or Electrical Engineering, or equivalent experience.

• 5+ years of experience in penetration testing, red teaming, or vulnerability research.

• Strong understanding of network protocols, web application security, and firmware architectures.

• Proficiency with tools such as Burp Suite, Nmap, Nessus, Metasploit, IDA Pro, Ghidra, binwalk, Scapy, Wireshark, and OWASP ZAP.

• Working knowledge of web technologies (HTTP/S, REST, TCP/IP, DNS, SMTP), Linux internals, and scripting languages (Python, Bash, PowerShell).

• Ability to perform source code reviews in C/C++, Java, C#, or Python for security flaws.

• Strong communication skills — capable of presenting technical findings to both engineers and management.

• High attention to detail, strong analytical thinking, and self-driven approach to testing complex environments.

Preferred Qualifications

• Certifications: CEH, OSCP, GPEN, GWAPT, OSWE, GREM, or equivalent.

• Experience with secure development lifecycle (SDLC) integration and DevSecOps automation.

• Familiarity with exploit development, fuzzing frameworks (boofuzz, Peach), or custom test harnesses.

• Understanding of cryptographic mechanisms, secure boot, and firmware validation.

• Prior experience contributing to CVE reporting or vulnerability disclosure programs (VDP/bug bounty).

#LI-NR5

#LI-Hybrid

SonicWall is an equal opportunity employer.

We are committed to creating a diverse environment and are an equal opportunity employer. All qualified applicants receive consideration for employment without regard to race, color, ethnicity, religion, sex, gender, gender identity and expression, sexual orientation, national origin, disability, age, marital status, veteran status, pregnancy, or any other basis prohibited by applicable law.

At SonicWall, we pride ourselves on recruiting a diverse mix of talented people and providing active security solutions in 100+ countries.

Applicant Privacy Notice

Why Apply Through MisuJob?

AI-Powered Job Matching: MisuJob uses advanced artificial intelligence to analyze your skills, experience, and career goals. Our matching algorithm compares your profile against thousands of job requirements to find positions where you have the highest chance of success. This saves you hours of manual job searching and ensures you only see relevant opportunities.

One-Click Applications: Once you create your profile, applying to jobs is effortless. Your resume and cover letter are automatically tailored to highlight the most relevant experience for each position. You can apply to multiple jobs in minutes, not hours.

Career Intelligence: Beyond job matching, MisuJob provides valuable career insights. See how your skills compare to market demands, identify skill gaps to address, and understand salary benchmarks for your experience level. Make data-driven decisions about your career path.

Frequently Asked Questions

How do I apply for this position?

Click the "Register to Apply" button above to create a free MisuJob account. Once registered, you can apply with one click and track your application status in your dashboard.

Is MisuJob free for job seekers?

Yes, MisuJob is completely free for job seekers. Create your profile, get matched with jobs, and apply without any cost. We help you find your dream job without any hidden fees.

How does AI matching work?

Our AI analyzes your resume, skills, and experience to understand your professional profile. It then compares this against job requirements using natural language processing to calculate a match percentage. Higher matches mean better fit for the role.

Can I apply to jobs in other countries?

Absolutely. MisuJob features jobs from companies worldwide, including remote positions. Filter by location or look for remote opportunities to find jobs that match your preferences.

Ready to Apply?

Join thousands of job seekers using MisuJob's AI to find and apply to their dream jobs automatically.

Create Free Account Sign In
← Browse all jobs
Register to Apply