Penetration Tester

Job Description

As a Penetration Tester in CyberArk, you will be the go-to-guy of finding traditional and creative ways of breaking CyberArk products’ security and suggest robust solutions of fixing it. You will demonstrate logical and technical analysis skills and find the weak spots of the products. You will demonstrate end-to-end scenarios clearly and elaborate on the impacts of each scenario while meeting deadlines, working simultaneously on multiple projects and providing high quality output.

(Full time position)


  • Product Hacking responsibilities: Lead the security testing phase across all CyberArk products to ensure satisfying level of security; evaluate and score each found vulnerability for prioritization of fixing; develop proof of concepts of full attack scenarios and demonstrate to product stakeholders; research and suggest new tools and techniques.
  • Security Team responsibilities: Work closely with the R&D Security Leader; train and guide security experts in-teams for basic level security testing training;
  • Development Teams responsibilities: Assist QA with basic security tools to enhance and improve the testing phase of the product; advise on existing and newly created hardening procedures for products; review deployment guides and suggest secure default configurations.

Requirements & Experience

  • 5 years of security analysis related experience
    • Minimum of 3 years of experience as a security researcher or a penetration tester, preferably in an information security company.
  • Higher education of computer engineering in one of the next forms:
    • B.Sc. Computer Science / Engineering
    • Computer Engineering diploma
    • Military course graduate
  • 3 years of experience in 2 or more of the next domains:
    • Web application penetration testing
    • Client-Server application penetration testing
    • Mobile apps penetration testing
    • Reverse Engineering
    • Low level languages exploitation
  • Familiarity with one or more programming language / scripting language
  • Significant advantage: Offensive security certificate (GIAC / CEH / OSCP etc.)

Skills & Knowledge
Must have

  • Mastering usage of security testing tools (Metasploit for example) and platfroms (Kali for example)
  • Being able to track back a vulnerability into specific location in code
  • Analyzing the risk impact and exploitation methods of each scenario and vulnerability
  • Communicating clearly, precisely in order to provide solutions to complicated vulnerabilities
  • Fluent in English and Hebrew (speaking and writing), presentation and crowd-facing skills
  • Multi-tasking, working simultaneously on several projects



  • Experience with privileged accounts products and industry
  • Have published vulnerabilities (CVE / Hall of fame / Bug Bounties / etc.)
  • Experienced in setting up testing environments (automated tools)
  • Secure design/requirements knowledge

Apply Now

CyberArk provides equal opportunities in employment, development, and advancement to all employees, applicants for employment and all qualified persons without regard to race, color, sex, pregnancy, age, religion, national origin, ancestry, sexual orientation, gender identity, physical or mental disability, veteran status, military service, application for military service, genetic information, or any other characteristic protected under federal and applicable state law. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, transfer, leaves of absence, compensation and training.