Job opportunity: Offensive Security Expert Skip To Content

BE PART OF THE CHANGE Fireblocks is looking for talented people to join the team.

Apply to
This Position

Offensive Security Expert

Tel Aviv · Senior

About The Position


We are looking for an expert security engineer that wants to take their existing penetration testing, research, and infrastructure engineering skills to the next level. Join Fireblocks leading security team and work within a dynamic and fast-moving cloud environment. The work will focus primarily on full-stack security assessments and will include conducting deep-dive penetration tests, security researches, and code review across multiple clouds, on-prem, and first-party and public cloud environments; All to provide a cross-company risk reduction and have a real impact over Fireblocks security posture.


In this position you’ll be thinking like a malicious hacker, understand and anticipate the moves and tactics that a hacker might use to try and gain unauthorized access to Fireblock’s computer system. You should be experienced in information security and with a strong understanding of security protocols, authentication, and security engineering. 


Responsibilities:


  • As an Offensive Security Expert, you will conduct ongoing research into the latest tactics techniques and procedures, and discover dangerous flaws and major security vulnerabilities for our Clients before they’re found by hackers of more malicious intent. 
  • Perform full-stack (Infra & Product security) grey and white box penetration testing;
  • Leverage code review skills to identify complex vulnerabilities within code.
  • Collaborate with other security teams to provide insights & security knowledge share. Provide security guidance and recommendations to engineering and operational teams
  • Apply state of the art methodologies, tooling, and skills to demonstrate real vulnerabilities, and help technical teams improve their security posture and technical controls to mitigate the issues. 
  • Preferably able to bridge offensive security disciplines: from data & application to cloud and infrastructure security, from application testing to Red Teaming, from social engineering to crunching and writing tools & scripts.

Requirements


  • 5+ years of experience with information security (security researcher, security engineer, security architect).
  • 5+ years of experience with offensive security subjects such as, mobile security, (web) application security and infrastructure security.
  • Experience with static and dynamic code analysis
  • Strong IaaS security skills, with a focus on AWS, Azure, IBM
  • Experience with Kubernetes/Docker
  • Experience with infrastructure-as-code, specifically Terraform
  • Solid programming skills, any of C, C++, Java, C#, Python, Ruby, x86 or ARM assembly;
  • Advantage : Reverse engineering; Red teaming; Malware analysis; exploit development;
  • Risk assessment and threat modeling to identify risks associated with business processes, operations, technology projects and information security programs
  • Security considerations of cloud computing, including data breaches, hacking, account hijacking, malicious insiders, third parties, authentication, APTs, data loss, Identity and access and OWASP attacks
  • Strong hands-on technical abilities
  • Proficiency in Linux systems engineering/operations

Apply for this position

We don't support Internet Explorer

Please use Chrome, Safari, Firefox, or Edge to view this site.