About Bazaarvoice

At Bazaarvoice, we create smart shopping experiences. Through our expansive global network, product-passionate community & enterprise technology, we connect thousands of brands and retailers with billions of consumers. Our solutions enable brands to connect with consumers and collect valuable user-generated content, at an unprecedented scale. This content achieves global reach by leveraging our extensive and ever-expanding retail, social & search syndication network. And we make it easy for brands & retailers to gain valuable business insights from real-time consumer feedback with intuitive tools and dashboards. The result is smarter shopping: loyal customers, increased sales, and improved products.

The problem we are trying to solve : Brands and retailers struggle to make real connections with consumers. It's a challenge to deliver trustworthy and inspiring content in the moments that matter most during the discovery and purchase cycle. The result? Time and money spent on content that doesn't attract new consumers, convert them, or earn their long-term loyalty.

Our brand promise : closing the gap between brands and consumers.

Founded in 2005, Bazaarvoice is headquartered in Austin, Texas with offices in North America, Europe, Asia and Australia.

It’s official: Bazaarvoice is a Great Place to Work in the US , Australia, India, Lithuania, France, Germany and the UK!

We are looking for a Senior Offensive Security Engineer who is a "Jack of all trades, Master of some." You don’t need to be a world-class Red Teamer AND a Cloud Architect; rather, you need a solid foundation in offensive security, operational experience in cloud platforms (AWS/GCP) and the maturity to manage our external penetration testing and bug bounty programs. As a leader within our proactive security strategy, you will drive the identification of complex vulnerabilities through expert management of third-party tests and by leading sophisticated, in-depth internal assessments of our cloud infrastructure. You will operate with a high degree of autonomy, tackling significant security challenges while mentoring others to influence strategy across the organization.

Shift Hours: This position will have working hours of 1:00 PM to 10:00 PM IST (Indian Standard Time) and will allow for a mixture of in-office and work from home.

What You'll Be Doing:

Lead Offensive Security Engagements: Own and execute complex, end-to-end internal penetration tests against Bazaarvoice's most critical applications, infrastructure, and cloud environments. You will simulate advanced, multi-stage attack scenarios to uncover systemic security weaknesses before they can be exploited.
Program and Tooling Enhancement: Take a lead role in defining the strategy for our offensive security capabilities. You will research, prototype, and implement new tools, techniques, and automation to mature our testing processes and keep pace with the evolving threat landscape.
Strategic Third-Party Penetration Test Management: Act as the primary technical lead for our third-party penetration testing program. You will not only manage the engagement lifecycle but also define the strategic direction of our testing roadmap, ensuring we partner with providers to target the highest-risk areas of our business.
Bug Bounty Program Leadership: Design, lead, and operate all aspects of our bug bounty program, serving as the technical interface for third-party researchers and coordinating internal responses to submitted vulnerability findings, ensuring clear communication and timely resolution.
Mentorship and Technical Leadership: Mentor junior team members and act as a security champion and trusted advisor to engineering teams. You will elevate the security knowledge across the organization by leading training sessions, developing secure coding guidelines, and providing expert consultation on secure architecture.
Threat Modeling: Proactively engage with development teams early in the SDLC to conduct threat modeling exercises, helping them build more secure products from the ground up.

Required Skills and Experience:

Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience with 10+ years of related experience.
7+ years of hands-on experience in offensive security, with a strong background in penetration testing, red teaming, or application security.
Operational Cloud Expertise: 3-5 years of hands-on experience operating in, managing, or performing manual penetration tests of cloud infrastructure (AWS preferred), with a deep understanding of cloud-native attack vectors (e.g., IAM exploitation, container escapes, and serverless security).
Expert-level knowledge in managing the lifecycle of penetration testing engagements and a proven track record of driving remediation efforts in a complex, multi-team environment.
Deep and practical understanding of common and advanced vulnerability classes (OWASP Top 10 and beyond) and the ability to architect solutions to remediate them at scale.
High proficiency in one or more scripting languages (e.g., Python, Go, Bash) for advanced tool development and automation of complex tasks.
Exceptional communication and interpersonal skills, with a demonstrated ability to influence technical and non-technical stakeholders at all levels, including senior leadership.
A proven history of mentorship and a passion for elevating the skills of those around you.

Desired Skills and Experience:

Advanced offensive security certifications such as OSCP, OSWE, OSEP, GPEN, GXPN, or equivalent.
Deep expertise in AWS cloud security operations and infrastructure-as-code security.
Experience building and maturing an offensive security program or function.
Demonstrated experience leading red team or purple team exercises.
Published security research, conference presentations, or active contributions to the open-source security community.
Experience in a Security Development Lifecycle (SDL) environment and a history of implementing DevSecOps principles.

Why You’ll Love Working with Us?

Work with cutting-edge tech in an innovative, collaborative environment.

Competitive salary + good benefits (insurance, annual leave, bonuses, referral rewards, and more).

We’reGreat Place to Work Certified (3 years in a row!).

Hybrid work model (3 days in office – Prestige Tech Pacific, Kadubeesanahalli).



Interview Process:

Tech Round 1

Tech Round 2

Hiring Manager Meeting: Team, values & culture check.

Final Round: Chat with HR/Senior Leadership.



Ready to take on the challenge? Apply now!

#LI-Hybrid#LI-CK1

Why join Bazaarvoice?

Customer is key

We see our own success through our customers’ outcomes.

We approach every situation with a customer first mindset.

Transparency & Integrity Builds Trust

We believe in the power of authentic feedback because it’s in our DNA.

We do the right thing when faced with hard choices. Transparency and trust accelerate our collective performance.

Passionate Pursuit of Performance

Our energy is contagious, because we hire for passion, drive & curiosity.

We love what we do, and because we’re laser focused on our mission.

Innovation over Imitation

We seek to innovate as we are not content with the status quo.

We embrace agility and experimentation as an advantage.

Stronger Together

We bring our whole selves to the mission and find value in diverse perspectives.

We champion what’s best for Bazaarvoice before individuals or teams.

As a stronger company we build a stronger community.

Commitment to diversity and inclusion

Bazaarvoice provides equal employment opportunities (EEO) to all team members and applicants according to their experience, talent, and qualifications for the job without regard to race, color, national origin, religion, age, disability, sex (including pregnancy, gender stereotyping, and marital status), sexual orientation, gender identity, genetic information, military/veteran status, or any other category protected by federal, state, or local law in every location in which the company has facilities. Bazaarvoice believes that diversity and an inclusive company culture are key drivers of creativity, innovation and performance. Furthermore, a diverse workforce and the maintenance of an atmosphere that welcomes versatile perspectives will enhance our ability to fulfill our vision of creating the world’s smartest network of consumers, brands, and retailers.

As part of our hiring process, a background check will be conducted. This will be done with your consent and will only include information relevant to the job.

Senior Offensive Security Engineer

Shift Hours: This position will have working hours of 1:00 PM to 10:00 PM IST (Indian Standard Time) and will allow for a mixture of in-office and work from home.

What You'll Be Doing:

Program and Tooling Enhancement: Take a lead role in defining the strategy for our offensive security capabilities. You will research, prototype, and implement new tools, techniques, and automation to mature our testing processes and keep pace with the evolving threat landscape.

Bug Bounty Program Leadership: Design, lead, and operate all aspects of our bug bounty program, serving as the technical interface for third-party researchers and coordinating internal responses to submitted vulnerability findings, ensuring clear communication and timely resolution.

Threat Modeling: Proactively engage with development teams early in the SDLC to conduct threat modeling exercises, helping them build more secure products from the ground up.

Required Skills and Experience:

Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience with 10+ years of related experience.

7+ years of hands-on experience in offensive security, with a strong background in penetration testing, red teaming, or application security.

Operational Cloud Expertise: 3-5 years of hands-on experience operating in, managing, or performing manual penetration tests of cloud infrastructure (AWS preferred), with a deep understanding of cloud-native attack vectors (e.g., IAM exploitation, container escapes, and serverless security).

Expert-level knowledge in managing the lifecycle of penetration testing engagements and a proven track record of driving remediation efforts in a complex, multi-team environment.

Deep and practical understanding of common and advanced vulnerability classes (OWASP Top 10 and beyond) and the ability to architect solutions to remediate them at scale.

High proficiency in one or more scripting languages (e.g., Python, Go, Bash) for advanced tool development and automation of complex tasks.

Exceptional communication and interpersonal skills, with a demonstrated ability to influence technical and non-technical stakeholders at all levels, including senior leadership.

A proven history of mentorship and a passion for elevating the skills of those around you.

Desired Skills and Experience:

Advanced offensive security certifications such as OSCP, OSWE, OSEP, GPEN, GXPN, or equivalent.

Deep expertise in AWS cloud security operations and infrastructure-as-code security.

Experience building and maturing an offensive security program or function.

Demonstrated experience leading red team or purple team exercises.

Published security research, conference presentations, or active contributions to the open-source security community.

Job Details

Tools & Tech