Cyberark Senior Penetration Testing Engineer 

Israel 

394995390

As a Senior Penetration Tester in CyberArk Labs, you will be the go-to-guy to find traditional and creative ways to break all kinds of products. You will also take part in building robust solutions

• Hands-on penetration testing of CYBR products.
• Assist, mentor, and educate about internal secure development methodologies and CYBR's "Security Champions" program.
• Present findings and work closely with software architecture and development teams to ensure products are developed in line with our security standards.
• Building custom instrumentation and tools to assist in security assessments.
• Leading security research projects focused on finding vulnerabilities and on innovation of new security layers and approaches

What you need to succeed:

• At least 5 years of experience in hands-on security research and security code review.
• Hands-on experience in penetration testing cloud, web, and mobile applications.
• Experience with code security surveys - ability to read code and identify security issues.
• Experience and knowledge with open source and commercial P.T tools for scanning and detecting weaknesses.
• Demonstrated experience in scripting (Python, Powershell, Bash) and software development (C, C++, C#, Java)
• Deep understanding of security principles, theories, and attacks.
• Deep understanding of network protocols and data security.
• Knowledge of encryption methods and protocols.
• Ability to work in a dynamic, fast-moving, and growing environment
• Good self-learner and out of the box thinker
• Fluent in English and Hebrew (speaking and writing), presentation and crowd-facing skills
• At least one article on a technical topic in a well-known website/media news

How will you stand out from the crowd:

• Offensive Security Certifications such as OSCP, AWAE, OSCE.
• Bachelor's degree in Computer Science or related field.
• IDF service in an elite technology unit
• Examples of thought leadership activities in the security space (e.g. blog posts or conference talks).
• Experience evaluating and implementing various categories of software security tools (e.g. SAST, DAST, SCA)
• Demonstrated security research activities (e.g. participation in bug bounties or credit for reporting CVEs).
• Experience working with MAC OS.
• Experience with assessment of containerized environments (docker, k8s).
• Reverse Engineering skills.