Cloud Attack Researcher

Come Hack With Us!

Join us on our mission of protecting organizations against the most advanced attackers in the world!

Pentera is the leader for Automated Security Validation, allowing every organization to test with ease the integrity of all cybersecurity layers, unfolding true, current security exposures at any moment, at any scale. As a result, thousands of security professionals and service providers worldwide use our platform to guide remediation and close security gaps before they are exploited.

We are a unicorn with more than 320 employees around the globe, with over 800 customers in production in more than 50 countries!

Pentera has won various Industry Awards, including the Frost & Sullivan “Best Practices Award for Global Breach & Attack Simulation (BAS) Market Leadership 2022 and the 2020 Gartner Cool Vendor Award. We are backed by Top tier investors such as Insight Partners, K1 Investment Management, The Blackstone Group, and AWZ.

Penterians are one team with a shared mission. Become a Penterian – change the way the world does cyber!

About the role:

We are looking for an offsec Cloud attack researcher to join our group and become part of the revolution.

Roles and Responsibilities:

• Conduct state of the art research on AWS, Azure and GCP cloud platforms and be one step ahead of real threat actors.
• Integrate the research outputs into attack platforms for enhancing the automation ecosystem with new attack capabilities.
• Develop decision-making algorithms to bridge the gap between an automated system and an experienced human attacker
• Develop production-ready attack capabilities. What development language is relevant? WHATEVER IT TAKES!
• Python, C/C++, CSharp, Java, Office Macros, Bash, Powershell, Go, Ruby,…
• Mentor other members of the R&D team.

So, can we offer you the red pill and join our journey to create the ultimate automated hacker?

Requirements

• 3+ Years of experience in researching/testing Cloud technologies and Cloud-native applications
• 3+ Years of practical experience in red/blue team engagements
• 3+ Years of experience in Python development
• Deep knowledge of Azure/AWS and its eco-system
• Experience with pure and hybrid cloud environments
• Familiarity with common open-source attack platforms
• Metasploit, Nmap, Beef, Cobalt Strike, Impacket, Burp, Pacu
• Excellent teamwork skills
• Fast learner and quick on adapting to new technologies and fields

Preferred skills:

• IDF cyber team veteran
• Experience and passion for cyber oriented research
• Experience with working in Agile Methodology
• Experience in the following attack areas:
• Web applications
• Vulnerability research
• Payload engineering
• Hands-on experience with the Java development language
• Bachelor’s degree in Computer Science or a related field

We are an equal opportunity employer and we are committed to building a diverse and talented workforce. We do not discriminate on the basis of race, sex, religion, colour, national origin, gender, gender identity, sexual orientation, age, marital status, veteran status, medical condition, disability, or any other class or characteristic protected by applicable law. We welcome candidates from all backgrounds to join us!

Apply for this position