Security Researcher

CYE is building a data-driven cybersecurity optimization SaaS platform that allows organizations to continually improve their cyber resilience. Our platform helps organizations assess their overall security, quantify the risks in business terms and fix the weakest links in their networks.At CYE we understand that the best results are achieved by combining the power of AI with human expertise. This is why we’ve built a world-class team of cybersecurity experts that augment the power of our platform.CYE has raised $120M from 83North and EQT and has 100s of customers from various industries that rely on our platform. We’re in our hyper-growth stage and we’re looking for bright and ambitious people to join us.

At CYE you’ll do the following:

• Create and collaborate with Engineering, Data Science and Product on proof-of-concept features, products, services and tools.
• Improve our customers security by discovering and implementing techniques to bypass security tools and controls and by recommending mitigations.
• Exploit newly discovered vulnerabilities and implement new attack vectors using our cyber-offense frameworks.
• Work with engineers to bring automated capabilities to production.
• Analyze real-world security data to improve enterprise security and reduce security risks.

You are qualified for this role if you:

• Are keen on solving large and complex problems by building iterative, measurable and tangible research plans, communicating them to all stakeholders and working to make them happen.
• Have expert knowledge of the latest cybersecurity trends, exploit techniques and TTPs.
• Have 3+ years of experience in hands-on Security Research / Offensive Cyber Security / Penetration Testing or Red Teaming in Enterprise IT, Cloud Infrastructure (AWS, GCP, Azure) and in SaaS environments.
• Have hands-on Python (or Go, Ruby, JavaScript) coding experience.
• Have exceptional knowledge of networking and internet protocols (TCP/IP, HTTP, DNS, TLS, SMB, Kerberos).
• Are an exceptional, proactive communicator and a highly motivated self-learner.

It’s an advantage to have:

• BSc in Computer Science or equivalent industry or military experience.
• Deep knowledge of C/C++ and Windows API.
• Experience with Big Data platforms (SQL, Pandas, Elasticsearch, HDFS, Spark).
• Great understanding of Cloud Attack Vectors and Mitigations.
• Familiarity with Security compliance frameworks (NIST, OWASP, CSA, etc.).