Interested in becoming a pentest engineer with a wide range of skills that go beyond pentesting?
This is a junior level position that is a blend of QA, cyber security analyst, System Engineer and Penetration Test Engineer. From this position, multiple career paths are plausible: pentester, malware analyst, threat intelligence, cyber security software developer, and more.
A candidate will take part in research, analysis of AppGuard product related incident investigations, learning about the latest hacking techniques, creating, and testing various test scripts, samples, that would help to make the product stronger. Come up with new product policies, develop procedures to ensure the product does not impair the usability of the host it protects.
- Computer Science Degree with focus or interest in information security.
- Strong analytical skills and problem-solving skills, curiosity, thinking out-of-box
- Computer skills with strong fundamental knowledge in computer science concepts, including networking.
- Very good understanding of Windows OSes.
- Workstations are a must
- Any familiarity with Servers and AD (Active Directory) is a plus
- Understanding of network fundamentals (OSI model)
- Knowledge (or working towards it!) of Windows systems administration
- Understanding or familiarity with one or more: Windows services, processes, WMI, COM/DCOM, IPC, Windows Domains, XML, JSON.
- Understanding of the fundamentals of Windows processes, virtual memory.
- Familiarity with Process Injection
- Familiarity with Windows Digital Signatures
- Some development experience is required.
- Hands-on knowledge and experience with one or more: PowerShell, Batch scripting, Python, C#/.NET, C/C++.
- Hands-on experience with Linux is a big plus
- Familiarity with common software security issues and remediation techniques such as MITRE ATT&CK, SANS 25, OWASP Top 10, etc is a big plus
- Familiarity with the concepts used in products like Metasploit, Powersploit, Burp Suite, NetSparker.
- Familiarity with the concepts used in Emulation Tools, open source and/or commercial. Caldera, Red Atomic, AttackIQ and such.
- The position requires excellent written explanation of observations, findings, unanswered questions, test procedures, and impact
- Attention to detail, methodical work, and an inquisitive nature are critical success factors
Candidate will use Git, Jira Project Tracking, VMWare and/or Virtual Box, Cloud
Designs, develops and maintains AppGuard LLC cybersecurity products. Works in a team environment and actively participates in evolving software functionality including requirements analysis, software design, development, integration and test. Ability to collaborate with engineering management and staff engineers in developing specifications and software. Work semi-autonomously, defining and meeting long-term project goals without extensive supervision.