large-meteor small-blured-meteor

Careers > CYBER SECURITY RESEARCHER

CYBER SECURITY RESEARCHER

Type:FULL-TIME

id: #0118

overview

The Hyver platform, developed in CYE, allows us to carry out sophisticated and targeted cyber attacks against our customers on a large scale. Working with us, you will discover and implement the attacks, techniques and automations that make up Hyver. You will research new ways of hacking organizations and systems, come up with unique ways to automate common attacks, and integrate them into complete attack kill-chains inside the platform. Using our tool-set, and together with our red-teams, you will carry out live attacks against our customers and use the results to improve the platform. You are expected to be a self-motivated, self-learner individual. Many challenges will require you to work closely with your colleagues in the R&D and PM departments to identify alternative approaches to achieve the desired goal or redefine the stated mission.

Responsibilities

  • Discover and implement new techniques, attacks and solutions.
  • Identify leads and opportunities for new research venues related to the platform.
  • Research and work with a wide array of technologies and infrastructures.

Qualifications

  • 3-5 years of offensive information security, penetration testing and red-team experience
  • At least 1 year of software development experience
  • Or: 3 years of software development experience
  • At least 1 year of offensive information security, penetration testing and red-team experience.
  • Familiarity with: Web security tools such as Burp, ZAP, Fiddler, etc.
  • Network security tools such as Nmap, Wireshark, Socat, etc.
  • Common attacks and techniques, such as in Owasp Top 10, ATT&CK Matrix, etc.

Advantages

  • Bachelor's degree in computer science or software engineering or equivalent military experience.
  • OSCP certification.
  • Coding experience in Python 2/3.
  • Familiarity with:
  • Concepts such as TLS, PKI, IP Registration, DNS, etc.
  • Cloud environments
  • Penetration testing in corporate environments - Windows domain, Internet reconnaissance, etc.
  • Tool sets such as Metasploit, Cobalt Strike and Kali Linux
We use technical and analytics cookies to ensure that we give you the best experience on our website. To disable tracking click here.