who we are:
CyberArk (NASDAQ: CYBR), the global leader in Identity Security, centered on privileged access management, CyberArk provides the most comprehensive security offering for any identity – human or machine – across business applications, distributed workforces, hybrid cloud workloads and throughout the DevOps lifecycle. The world’s leading organizations trust CyberArk to help secure their most critical assets.

 CyberArk Labs produces innovative research that examines emerging attack techniques and drives greater awareness and industry collaboration while helping to improve the overall security posture of companies worldwide. The team includes an elite group of white hat hackers, intelligence experts, and security leaders that examine post-exploit methods to understand the attack chain and the attackers’ actions so they can more effectively defend against them.
 

 What will you do:
The vulnerability researcher will explore different security aspects of new technologies and suggest novel ways to break and protect these technologies.

• Vulnerability research of many interesting technologies and popular products. Everything could be an option, from Internal OS components to cloud SaaS services, from DevOps tools to Linux Containers, etc.
• Focusing on finding identity-related vulnerabilities and new attack vectors on any kind of digital identity: human, application, and machine identities.
• Development of exploitation and mitigation POCs and tools.
• Working together with R&D and PM to shape CyberArk’s future features & products.
• Initiate and help driving innovation around your research area.
• Writing blog posts on labs.cyberark.com and presenting new research work at security conferences such as Blackhat, DEFCON, RSA.

What you need to succeed:

• 5+ years of experience in security research
• Proven research skills: Vulnerability hunting, Red Teaming, Advanced PT, Reverse Engineering, etc.
• Proven expertise in one or more of the fields: application security, Kernel security, cloud security, DevOps technologies, identity security components (MFA, OAuth, etc.), network protocols or web applications.
• Ability to write blog posts, open-source tools, and present research work on conference stages.
• Be part of a top research team, be able to collaborate, share insights, get and give tips.

How will you significantly stand out from the crowd

• Previously published CVEs or blog posts and articles covering own research work.
• Development experience.
• Previous experience with presenting technical related material.

To learn more about CyberArk, visit https://www.cyberark.com, read the CyberArk blogs, and follow us on @CyberArk, LinkedIn, or Facebook.

#LI-OS1