דרושים » אבטחת מידע וסייבר » Pentest Product Associate

משרות על המפה
 
בדיקת קורות חיים
VIP
הפוך ללקוח VIP
רגע, משהו חסר!
נשאר לך להשלים רק עוד פרט אחד:
 
שירות זה פתוח ללקוחות VIP בלבד
AllJObs VIP
כל החברות >
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
1 ימים
חברה חסויה
Location: Tel Aviv-Yafo
Job Type: Full Time
Were looking for a Pentest Product Associate to join our Product team and help expand our power.
In this pivotal role, you will be the primary operator of our cutting-edge AI-driven Dynamic Application Security Testing (DAST) agent while simultaneously innovating detection mechanisms for cloud-native technologies.
You will bridge the gap between automated AI testing and cloud infrastructure, defining the "rules of engagement" for our agents to ensure they effectively simulate sophisticated attacks and accurately classify the modern attack surface.
WHAT YOULL DO
Engineer Detection & Attack Logic: Develop advanced detection algorithms to classify cloud technologies while fine-tuning the attack policies that define how our agents identify and exploit vulnerabilities.
Validate Complex Findings: Analyze cloud services, APIs, and log payloads to review complex attack paths, reducing false positives and ensuring compliance with industry standards.
Research Novel Threats: Stay at the forefront of novel attack vectors and emerging cloud/API threats, translating new techniques into executable behaviors for the DAST engine.
Drive Product Evolution: Collaborate directly with Research, Backend, and R&D teams to turn operational insights into feature requests, positioning us as the market leader in vulnerability management.
Requirements:
WHAT YOULL BRING
2+ years of hands-on experience in AppSec or penetration testing, including proficiency with enterprise tools like Burp Suite, OWASP ZAP, or Acunetix.
Solid knowledge of networking concepts, the OSI model, and cloud infrastructure (AWS, Azure, or GCP).
Hands-on experience with Linux, Windows, Docker, Kubernetes, and a strong command of web protocols (HTTP/S, REST, GraphQL) and auth mechanisms (OAuth, SAML).
Proficiency in scripting languages such as Python, Bash, or Go to automate security tasks and interact directly with the codebase.
An analytical mindset with the ability to diagnose complex logs and scans to distinguish between tool failures, configuration issues, and valid security findings.
Self-motivated with the ability to work collaboratively and communicate high-stakes security concepts effectively across teams.

BONUS POINTS
Knowledge of AI/ML and how LLMs or reinforcement learning agents operate within a cybersecurity context.
SaaS and cloud experience with familiarity in AWS, Azure, or GCP environments and modern cloud-native architectures.
A red teaming background with experience in simulated adversarial attacks and bypassing standard WAF or security controls.
This position is open to all candidates.
 
Hide
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8740823
סגור
שירות זה פתוח ללקוחות VIP בלבד
משרות דומות שיכולות לעניין אותך
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
28/06/2026
Location: Tel Aviv-Yafo
Job Type: Full Time
We're looking for a Principal Cloud Security Researcher to serve as a senior technical leader within our Research team. This is a high-impact individual contributor role -- you won't manage people, but you'll shape the direction of our entire research function, mentor researchers, and act as a force multiplier across the organization.
You'll be the person who takes a vague threat signal and turns it into a detection strategy, a published finding, or a product capability. You'll operate as a trusted deputy to the research team lead, owning the most complex and ambiguous research challenges while raising the technical bar for the team.
What You'll Do
Drive Groundbreaking Research
Own and drive our most critical research initiatives end-to-end - from initial threat hypothesis through detection logic, product integration, and external publication.
Set the technical direction for cloud threat research across AWS, Azure, and GCP, identifying emerging attack surfaces and novel techniques before they become mainstream threats.
Investigate real-world cloud and SaaS security incidents, dissecting attacker tradecraft and extracting insights that evolve our detection capabilities.
Pioneer new forensic investigation techniques and detection methodologies for cloud-native and SaaS environments - pushing the state of the art, not just following it.
Be a Voice in the Community

Represent our company as a thought leader through high-quality research publications, conference presentations (BlackHat, DEF CON, RSA, fwd:cloudsec, and similar venues), and open-source contributions.
Build and maintain our reputation as a research-driven company that advances the field - not just a vendor with a blog.
Engage with the broader security research community, fostering relationships and collaborative knowledge-sharing.
Shape the Product

Bridge research and product - translate threat findings into actionable product requirements, working closely with engineering and product teams to ensure our CDR platform stays ahead of evolving threats.
Design and develop advanced detection algorithms that directly feed into our platform, closing the gap between research insight and customer protection.
Elevate the Team
Act as the team's go-to technical authority. When researchers hit a wall on complex cloud attack chains, IAM edge cases, or detection gaps - you're who they turn to.
Mentor and grow other researchers through research reviews, pair investigations, code reviews, and by setting quality standards and methodology best practices.
Influence technical decisions org-wide - contributing to architecture, tooling, and strategic research priorities.
Step in as the research team lead's deputy when needed - driving prioritization, representing research cross-functionally, and ensuring continuity.
Requirements:
8+ years in security research, threat research, or closely related fields (offensive security, detection engineering, incident response, cloud security engineering). Fewer years are fine if your depth and track record are exceptional.
Deep multi-cloud expertise - strong hands-on experience across at least two of the major cloud providers (AWS, Azure, GCP), with working knowledge of the third. You understand the IAM models, logging pipelines, APIs, and attack surfaces that matter in each.
A track record of original research - you've published meaningful technical findings through blog posts, conference talks, open-source tools, or vulnerability discoveries that moved the needle. We want someone who doesn't just consume research - you produce it.
Strong adversarial mindset and critical thinking - you think like an attacker targeting cloud infrastructure, SaaS platforms, identity systems, and Kubernetes. You can model threat scenarios, map out attack paths, and poke holes in defenses.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8712545
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
חברה חסויה
Location: Tel Aviv-Yafo
Job Type: Full Time
We are looking for talented hackers to join our unique Adversarial Tactics Department. As a Red Team Expert ,you will work with clients to build their resiliency, i.e their capability to prevent and to sustain attacks. You will also be involved in IR engagements with companies that were attacked by adversaries, learn new TTPs and apply those in Red and Purple team engageents.
Your responsibility as a Cyber consultant is to bring the attackers perspective to engagements. You will help design, create and execute Adversary Simulation exercises, and perform attacks against client services, platforms and infrastructure. This will include, among other things, identifying vulnerabilities through simulated external and internal attacks, validating and enhancing an organizations ability to respond and recover from targeted attacks and persistent adversaries.
Requirements:
5+ years of Red Teaming or Adversarial Simulation Experience.
Experience conducting internal and external penetration testing.
Experience designing and/or executing phishing campaigns.
Experience in social engineering.
Experience with EDR/XDR evasion and bypass techniques.
Deep familiarity with Active Directory attacks and defenses.
Extensive experience in penetration testing methodologies and tools.
Deep technical understanding of a broad technology set and the ability to learn new information at a rapid pace.
Proven presentation skills.
Developing, extending, or modifying exploits, shellcode or exploit tools.
Willingness to travel abroad.
Advantages:
Background in application security.
Experience developing tools in one or more of the following: C/C++, Bash, C#, Python, Java, or PowerShell.
Experience with cloud penetration testing (AWS, Azure, Google Cloud Platform).
Fluent English (written and spoken).
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8739929
סגור
שירות זה פתוח ללקוחות VIP בלבד