דרושים » אבטחת מידע וסייבר » Penetration Tester

Join our global team of elite ethical hackers, working with both our company and non-company customers across industries worldwide. Collaborate with our companys research and Incident Response teams to uncover cutting-edge cyber threats, gaining exposure to the most advanced security challenges in the field.
Key Responsibilities
Conduct penetration testing on applications and network environments to identify vulnerabilities and security gaps.
Develop and document testing plans and penetration test reports with clear findings and recommendations.
Perform reconnaissance and network surveys to assess target environments.
Research security tools, exploits, and emerging threats, contributing to blogs and knowledge-sharing initiatives.
Analyze vulnerabilities, exploit weaknesses, and escalate access where applicable.
Assist in malware analysis and breach investigations to support incident response efforts.
Stay up to date with the latest attack techniques, tools, countermeasures, and technologies.
Mentor new team members and contribute to the development of tools, templates, and methodologies for penetration testing.

We are looking for a senior web penetration tester to join our team.
You need to be independent, attentive to details, organized, eager to learn new things, and like to research and solve problems
What youll do:
Performing highly technical penetration testing for the biggest companies in the world
Participate in Red Team projects, find undocumented API, reverse applications, bypass security checks
Take part in developing internal security tools

CYE is looking for a Red Team Expert with a deep understanding of both information security and computer science. The right person will have to learn advanced concepts such as application manipulation, exploit development, and stealthy operations. This is not a press the button type of job! This career is technical and challenging with opportunities to work in some of the most exciting areas of security on extremely technical and challenging work. A typical job could be breaking into a segmented secure zone at a Fortune 500 organization, reverse engineering an application and both developing and exploiting the most recent vulnerabilities, all without being detected.
Responsibilities:
Global organization red-team assessments and security posture
Co-ordinate and execute systems and network level advanced red team exercises for different environments
Design and develop scripts, frameworks and tools required for facilitating and executing complex undetected attacks
Configure and troubleshoot security infrastructure devices
Develop technical solutions and new security capabilities to help mitigate security vulnerabilities and automate repeatable tasks
Write or assist with comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement

We're seeking innovative cybersecurity professionals to lead our advanced threat assessment program. In this role, you'll spearhead continuous internal security evaluations and coordinate with elite external partners to execute comprehensive penetration testing strategies. Your expertise will be crucial in identifying potential vulnerabilities and guiding both internal and external teams to explore the full spectrum of our attack surface. This position requires a deep understanding of application security offensive security techniques, coupled with the ability to strategically direct resources for maximum impact. Ideal candidates will possess a passion for uncovering system weaknesses, a talent for thinking like an adversary, and the skills to translate technical findings into actionable intelligence. Join us in crafting a robust, proactive security posture that stays ahead of emerging threats and keeps our defenses at the cutting edge of cybersecurity.
The successful candidate will thrive in a fast-paced environment where energy, drive, and a collaborative approach are key to success. And of course, a passion for bug hunting.
Your Impact
Conduct penetration tests against our products including appliances, applications, cloud services, and APIs
Engage with business owners in pre-engagement activities including scope definition, environment setup and scheduling
Prepare and deliver technical reports to business owners and InfoSec partners
Assist, as a subject matter expert, in remediation planning and execution
Perform security assessments, root-cause analysis and corrective measures as required
Occasionally plan and manage engagements to be executed by external partners when needed
Assist in the management of application security programs like continuous scanning, bug bounty, secure development lifecycle and others
Stay current on exploitation and post-exploitation techniques and incorporate them into the penetration testing arsenalunting.

We are looking for a Threat Detection Engineer.
This role combines a blend of skill sets including security operations & incident response, data analytics, risk management, software development, and threat research. If you enjoy researching cloud security issues and developing detection content as code, all in a fast-paced environment with broad collaboration across a diverse team, this role is for you.

we are looking for a talented Application Security Specialist to be a part of our team. As an Application Security Specialist, you will take an active role in penetration testing and security development lifecycle activities that will help evaluate our customers security level and improve it. A typical job could be breaking into a critical system of a Fortune 500 organization, analyzing and finding vulnerabilities in a sensitive system to extract data, and assessing the Secure-SDLC security gaps in a large department in a huge enterprise.
Responsibilities:
Ensure customers security by hands-on penetration testing, hypothesizing threats, helping development teams remediate risks upfront, and executing secure implementation efforts.
Identify, communicate, and drive the resolution of vulnerabilities.
Research and advocate for new application security technologies and hacking techniques, including web, mobile, and thick client applications.
Perform Secure Software Development Lifecycle and secure coding training for developers.
Manage, evaluate, and improve the application security development lifecycle of our clients.