Senior Penetration Testing Engineer

Who we are:

CyberArk (NASDAQ: CYBR), the global leader in Identity Security, Centered on privileged access management, CyberArk provides the most comprehensive security offering for any identity – human or machine – across business applications, distributed workforces, hybrid cloud workloads and throughout the DevOps lifecycle. The world’s leading organizations trust CyberArk to help secure their most critical assets. 

What will you do:)

As a Penetration Tester in CyberArk Labs, you will be the go-to-guy to find traditional and creative ways to break all kinds of products. You will also take part in building robust solutions

• Hands-on penetration testing of CYBR products.
• Assist, mentor, and educate about internal secure development methodologies and CYBR's "Security Champions" program.
• Present findings and work closely with software architecture and development teams to ensure products are developed in line with our security standards.
• Building custom instrumentation and tools to assist in security assessments.
• Leading security research projects focused on finding vulnerabilities and on innovation of new security layers and approaches.

What you need to succeed:

• At least 4 years of experience in hands-on security research and security code review.
• Hands-on experience in penetration testing cloud, web, and mobile applications.
• Experience with code security surveys - ability to read code and identify security issues.
• Experience and knowledge with open source and commercial P.T tools for scanning and detecting weaknesses.
• Demonstrated experience in scripting (Python, Powershell, Bash) and software development (C, C++, C#, Java)
• Deep understanding of security principles, theories, and attacks.
• Deep understanding of network protocols and data security.
• Knowledge of encryption methods and protocols.
• Ability to work in a dynamic, fast-moving, and growing environment
• Good self-learner and out of the box thinker
• Fluent in English and Hebrew (speaking and writing), presentation and crowd-facing skills

How will you stand out from the crowd:

• Offensive Security Certifications such as OSCP, AWAE, OSCE.
• Bachelor's degree in Computer Science or related field.
• IDF service in an elite technology unit
• Examples of thought leadership activities in the security space (e.g. blog posts or conference talks).
• Experience evaluating and implementing various categories of software security tools (e.g. SAST, DAST, SCA)
• Demonstrated security research activities (e.g. participation in bug bounties or credit for reporting CVEs).
• Experience working with MAC OS.
• Experience with assessment of containerized environments (docker, k8s).
• Reverse Engineering skills. 

o learn more about CyberArk, visit https://www.cyberark.com, read the CyberArk blogs or follow on Twitter via @CyberArk, LinkedIn or Facebook.

#LI-OS1