Cohesity is a leader in AI-powered data security and management. Aided by an extensive ecosystem of partners, Cohesity makes it easy to secure, protect, manage, and get value from data — across the data center, edge, and cloud. Cohesity helps organizations defend against cybersecurity threats with comprehensive data security and management capabilities, including immutable backup snapshots, AI-based threat detection, monitoring for malicious behavior, and rapid recovery at scale.

We’ve been named a Leader by multiple analyst firms and have been globally recognized for Innovation, Product Strength, and Simplicity in Design.

Join us on our mission to shape the future of our industry.

Cohesity is on a mission to radically simplify how organizations secure and manage their data, while unlocking limitless value. As a leader in data security and management, we make it easy to secure, protect, manage and derive value from data—across the data center, edge, and cloud. At Cohesity, we're a group of builders and go-getters who are committed to doing the right thing. We encourage you to come as you are, as our differences make us stronger.
 

Your Skills Can Stop Cyber Threats – Come Secure with Us
 

The security team at Cohesity is on a mission to help organizations around the world protect their data and stay ahead of evolving cyber threats. Our mission is to help organizations around the world to safeguard their data and bounce back fast from ransomware attacks.

In this role, you will be responsible for identifying vulnerabilities through code analysis and reverse engineering, and documenting your findings with detailed reports, including proof of concept (PoC) and actionable recommendations. You will also provide suggestions to strengthen the overall security posture of the target systems. Staying up to date with the latest cybersecurity trends, emerging threats, and technologies is essential, as you will contribute implementation plans to enhance the security of our product.

HOW YOU’LL SPEND YOUR TIME HERE

• You should be able to penetrate the applications, network, systems and have a diverse understanding of the current state of security, use best practices and be familiar with the vulnerability research process that includes foot printing, scanning, enumeration, systems hacking, escalation of privilege, and the tools that are deployed in each phase of the process.

• You must be able to understand product architecture and identify attack vectors which could include standard as well as proprietary protocols and use methodologies like OWASP, SANS, NIST. 

• You should be able to find 0-Day vulnerability with code analysis or reverse engineer and create a report with the appropriate recommendations / POC of the identified vulnerabilities.

• You should be able to do threat modelling of a feature and perform its validations. Additionally, you should have strong written communication skills to document and categorize the threat level of discovered vulnerabilities and make suggestions about how to improve the targets security posture.

• You should have a strong understanding of technical domains like (Applications, Platforms, Networking, etc.) as well as human interaction domains (e.g., Social Engineering), as well as an awareness about current laws that may affect the way in which the analysis is conducted. 

• You should know modern authentication protocols and have a background of cyber security. You should be well versed in cloud computing technologies and have knowledge of Windows, Linux, Unix internals. Should have in depth understanding of network security: TCP/IP, DNS, proxies, firewall configuration, intrusion detection and prevention systems, IPSec and TLS/SSL. Experience with cryptography including symmetric and asymmetric cryptography, hashing and should be able to simulate Ransomware attacks and provide suggestions to defend them. 

• Experience with tools for conducting enumeration of target environment and configuration and penetrate by tools used for system hacking (e.g., password cracking), malware creation/deployment, network traffic sniffing, session hijacking, denial of service and SQL injection. Experience in developing payloads using applications or scripts (C++,Python, Shell etc.) 

WE’D LOVE TO TALK TO YOU IF YOU HAVE MANY OF THE FOLLOWING

• Preferred Certifications: Certified Information Systems Security Professional (CISSP) | Certified Ethical Hacker (CEH) | EC-Council certified Security Analyst (ECSA) | Offensive Security Certified Professional (OSCP) | Licensed Penetration Tester (LPT)

• Minimum 5-7 years of experience in the Security Domain

• Excellent communication skills and great collaboration

• Familiarity with frameworks like NIST, MITRE ATT&CK, and CIS Controls

• Good to have experience with SIEM, IDS/IPS, endpoint protection, and other security tools.

• Knowledge of scripting (Python, Bash) or automation tools for security operations 

For information on personal data processing, please see our Privacy Policy.

Disclosure Pursuant to Applicable State Equal Pay Transparency Laws

This position has a starting pay range of $MIN - $MID per year. Actual salary depends upon many factors, including a candidate’s skills, qualifications and experience, location, and salary expectations, and therefore a starting salary at the low end, high end, or even above the stated range may be offered. This position may also be eligible for bonus compensation, commission (if in a sales function), and/or equity grants. Additionally, full-time employees are eligible to participate in our comprehensive benefits framework, including health and wellness benefits, vacation, paid holidays and refresh days, 401(k) retirement plan, life and disability insurance coverages, and other benefits the Company may offer from time to time.

Equal Employment Opportunity Employer (EEOE)

Cohesity is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status or any other category protected by law.

If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process, or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you may contact us at 1-855-9COHESITY or talent@cohesity.com for assistance.

Data Privacy Notice for Job Candidates:

For information on personal data processing, please see our Privacy Policy.

In-Office Expectations

Cohesity employees who are within a reasonable commute (e.g. within a forty-five (45) minute average travel time) work out of our core offices 2-3 days a week of their choosing.