Job Description

About Bazaarvoice
At Bazaarvoice, we create smart shopping experiences. Through our expansive global network, product-passionate community & enterprise technology, we connect thousands of brands and retailers with billions of consumers. Our solutions enable brands to connect with consumers and collect valuable user-generated content, at an unprecedented scale. This content achieves global reach by leveraging our extensive and ever-expanding retail, social & search syndication network. And we make it easy for brands & retailers to gain valuable business insights from real-time consumer feedback with intuitive tools and dashboards. The result is smarter shopping: loyal customers, increased sales, and improved products.
The problem we are trying to solve : Brands and retailers struggle to make real connections with consumers. It's a challenge to deliver trustworthy and inspiring content in the moments that matter most during the discovery and purchase cycle. The result? Time and money spent on content that doesn't attract new consumers, convert them, or earn their long-term loyalty.
Our brand promise : closing the gap between brands and consumers.
Founded in 2005, Bazaarvoice is headquartered in Austin, Texas with offices in North America, Europe, Asia and Australia.
It's official: Bazaarvoice is a in the , , , Lithuania, France, Germany and the !
The Role
As an Offensive Security Engineer, you will be a key player in our proactive security strategy. You will be responsible for identifying vulnerabilities in Bazaarvoice systems through a combination of managing third-party penetration tests and conducting your own in-depth, internal assessments. This role requires a unique blend of technical expertise, a creative and adversarial mindset, and the ability to effectively collaborate with various teams to drive remediation and enhance our overall security posture.
Shift Hours: This position will have working hours of 1:00 PM to 10:00 PM IST (Indian Standard Time) and will allow for a mixture of in-office and work from home.
What You'll Be Doing:
Third-Party Penetration Test Management: Act as the primary point of contact for our third-party penetration testing providers. You will manage the entire lifecycle of these engagements, from scoping and scheduling to triaging, validating, and documenting findings. Your efforts will ensure that we maximize the value of these assessments and that all identified vulnerabilities are properly addressed.
Internal Penetration Testing: Plan and execute internal penetration tests against Bazaarvoice's diverse portfolio of applications, infrastructure, and cloud environments. You will simulate real-world attack scenarios to uncover potential security weaknesses before they can be exploited by malicious actors.
Security Champion and Advisor: Serve as a subject matter expert in offensive security for our internal teams. You will help to foster a culture of security by providing technical guidance, sharing your expertise, and helping developers understand and address vulnerabilities.
Tooling and Automation: Research, evaluate, and implement tools and automation to enhance our offensive security capabilities and streamline our testing processes.
Bug Bounty Program Management: Develop, manage, and continuously improve the company's Bug Bounty Program. This includes defining scope, managing researcher submissions, coordinating validation and remediation efforts, and ensuring timely communication and reward payouts to the security research community.
Success in this role looks like: A measurable decrease in high-severity external vulnerability findings, a well-managed and active Bug Bounty program, and tangible security improvements driven by internal pen-test findings.
Required Skills and Experience:
-4+ years of hands-on experience in an offensive security role, such as penetration testing, red teaming, or vulnerability assessment.
-Demonstrated experience in managing the lifecycle of penetration testing engagements, including scoping, vendor management, and finding remediation.
-Proven ability to perform manual penetration tests of web applications, APIs, and cloud infrastructure (AWS, Azure, or GCP), with a strong focus on AWS security assessments.
-Strong understanding of common vulnerability classes (OWASP Top 10) and the ability to articulate their impact and remediation.
-Proficiency in at least one scripting language (e.g., Python, Go, Bash) to automate tasks and develop custom tools.
-Excellent written and verbal communication skills, with the ability to effectively communicate complex technical concepts to both technical and non-technical audiences.
-A collaborative and team-oriented mindset, with a proven ability to work effectively with cross-functional teams.
Desired Skills and Experience:
-Offensive security certifications such as OSCP, OSWE, GPEN, or GWAPT.
-Experience with a variety of security tools and frameworks (e.g., Burp Suite Pro, Caido, OWASP Zap Metasploit, Nmap).
-Experience in a Security Development Lifecycle (SDL) environment and familiarity with DevSecOps principles.
-Experience with bug bounty program management or participation.
Why You'll Love Working with Us?
Work with cutting-edge technology in a collaborative, global team
Competitive salary + good benefits (insurance, annual leave, bonuses, referral rewards, and more).
We're Great Place to Work Certified (3 years in a row!).
Hybrid work model (3 days in office - Global Technology Park, Bellandur).
#LI-Hybrid#LI-CK1
Why join Bazaarvoice?
Customer is key
We see our own success through our customers' outcomes.
We approach every situation with a customer first mindset.
Transparency & Integrity Builds Trust
We believe in the power of authentic feedback because it's in our DNA.
We do the right thing when faced with hard choices. Transparency and trust accelerate our collective performance.
Passionate Pursuit of Performance
Our energy is contagious, because we hire for passion, drive & curiosity.
We love what we do, and because we're laser focused on our mission.
Innovation over Imitation
We seek to innovate as we are not content with the status quo.
We embrace agility and experimentation as an advantage.
Stronger Together
We bring our whole selves to the mission and find value in diverse perspectives.
We champion what's best for Bazaarvoice before individuals or teams.
As a stronger company we build a stronger community.
Commitment to diversity and inclusion
Bazaarvoice provides equal employment opportunities (EEO) to all team members and applicants according to their experience, talent, and qualifications for the job without regard to race, color, national origin, religion, age, disability, sex (including pregnancy, gender stereotyping, and marital status), sexual orientation, gender identity, genetic information, military/veteran status, or any other category protected by federal, state, or local law in every location in which the company has facilities. Bazaarvoice believes that diversity and an inclusive company culture are key drivers of creativity, innovation and performance. Furthermore, a diverse workforce and the maintenance of an atmosphere that welcomes versatile perspectives will enhance our ability to fulfill our vision of creating the world's smartest network of consumers, brands, and retailers.
As part of our hiring process, a background check will be conducted. This will be done with your consent and will only include information relevant to the job.
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Skills Required