Jump to content
Nytro

Senior Penetration Tester

By Nytro, in Locuri de munca

Recommended Posts

Nytro Mentor

Nytro

Posted
Posted
Accelerate Human Achievement: that is UiPath's purpose. We are the leader in Robotic Process Automation (RPA) and the highest-valued AI enterprise software company in the world. With over $568 million in funding from top venture capital firms like Accel, CapitalG, Kleiner Perkins, Sequoia, IVP, Madrona Venture Group, Meritech Capital & Coatue, we are on an unprecedented trajectory of growth. With this funding, we have an incredible opportunity to improve the way people work globally.

Our award-winning company culture values humility, and leaders who know how to listen. CEO Daniel Dines’ primary goal was to build a company where he would love to work, and even now, with thousands of employees in tens of countries, that remains our top priority.

We trust and empower our colleagues, and together we make sure we have everything we need to do our best work, from the support of strong leaders to awesome perks and benefits.

UiPath is looking for a Penetration Tester to help and grow the security related operations within the fast-growing product teams across the company. This is a deeply technical role which implies developing and applying formal security centric assessments against existing and in-development UiPath products and features. The Pen Tester will analyze product functional and security requirements and use state of the art testing tools, or develop/automate new tools, as needed, to assess the security level provided. It will also assist in investigating security incidents. The Penetration Tester will work with Security Engineers, together with stakeholders, and is responsible of detailing and executing the testing plans and strategies, while also building clear and concise final reports.

A successful Penetration Tester at UiPath is a self-starter, with strong analytical and problem-solving skills. Ability to maneuver in a fast-paced environment is critical, as well as handling ambiguity coupled with a deep understanding of various security threats. As a true owner of security in UiPath, great writing skills are needed, coupled with the ability to interact with stakeholders across multiple departments and teams. The Senior Penetration Tester acts as a mentor for technical peers and can transpose testing strategies and results in high level non-technical language.

Here's What You Would Be Doing At UiPath
    • Penetration testing & vulnerability research
    • Developing automated security research tools
    • Assist internal and external customers in investigating security incidents
    • Recommendation of threat mitigations
    • Security training and outreach to internal development teams
    • Security guidance documentation
    • Security tool development
    • Security metrics delivery and improvements
    • Assistance with recruiting activities
       
What You Will Bring
    • BS in Computer Science or related field, or equivalent work experience
    • Minimum of 5 years of experience with vulnerability testing and auditing techniques
    • Minimum of 3 year of experience in coding/scripting (Python,C,C++,x86/x64 assembly language)
    • Good understanding of cyber-attack tools and techniques
    • Experience writing POCs for discovered vulnerabilities
    • Good knowledge of system and network security
    • Advanced knowledge and understanding of security engineering, authentication and security protocols, cryptography, and application security
    • Experience using various penetration testing tools (such as, BurpSuite, Metasploit, Nessus, etc.)
    • Experience using debuggers, disassemblers for reverse engineering (Ida)
    • Experience with forensics (preferably related to APTs)
       
We are offering the possibility to work from home or flexible working hours, a competitive salary package, a Stock Options Plan and the unique opportunity of working with us to develop state-of-the-art robotics technology are just a few of the pluses.

We must have caught your attention if you've read so far, so we should talk.
 
  • At UiPath, we value a range of diverse backgrounds experiences and ideas. We pride ourselves on our diversity and inclusive workplace that provides equal opportunities to all persons regardless of race, color, religion, sex, sexual orientation, gender identity and expression, national origin, disability, military and/or veteran status, or any other protected classes.

    At UiPath, we value a range of diverse backgrounds experiences and ideas. We pride ourselves on our diversity and inclusive workplace that provides equal opportunities to all persons regardless of race, color, religion, sex, sexual orientation, gender identity and expression, national origin, disability, military and/or veteran status, or any other protected classes.

Seniority Level

Mid-Senior level

Industry

  • Information Technology & Services
  •  
  • Computer Software
  •  
  • Internet

Employment Type

Full-time

Job Functions

Linkedin: https://www.linkedin.com/jobs/view/1405924525/

 

Daca e cineva interesat, astept PM.

gigiRoman Proficient

gigiRoman

Posted
Posted

Felicitari!

Chiar ca le mai ridici standardele.

La asta nu am primit niciodata raspuns (2016)

Nu am mai verificat intre timp sa vad ce au mai updatat.

"Please note that you code is not obfuscated. I was able to decompile it with JetBrains dotPeek. All your exe and dll files are written with net framework 4.6, I can see all project references.
Also checked Library->Samples folder and because .xaml files are in plain text an attacker can easy manipulate those one.
Thank you for reading this and please be more carefull next time.
Best regards."

Mi s-a parut ciudat ca e partener la defcamp.

Folosesc tot UiAutomation de la Microsoft?

https://docs.microsoft.com/en-us/windows/win32/winauto/entry-uiauto-win32

  • Upvote 1
Nytro Mentor

Nytro

Posted
  • Author
Posted
3 hours ago, gigiRoman said:

Felicitari!

Chiar ca le mai ridici standardele.

La asta nu am primit niciodata raspuns (2016)

Nu am mai verificat intre timp sa vad ce au mai updatat.

"Please note that you code is not obfuscated. I was able to decompile it with JetBrains dotPeek. All your exe and dll files are written with net framework 4.6, I can see all project references.
Also checked Library->Samples folder and because .xaml files are in plain text an attacker can easy manipulate those one.
Thank you for reading this and please be more carefull next time.
Best regards."

Mi s-a parut ciudat ca e partener la defcamp.

Folosesc tot UiAutomation de la Microsoft?

https://docs.microsoft.com/en-us/windows/win32/winauto/entry-uiauto-win32

Mersi! Nu cred ca s-au schimbat prea multe, cred ca lucrurile sunt cam la fel. Da, o sa fim la Defcamp si anul acesta.

 

@BiosHell - Din pacate nu, e nevoie de oameni cu experienta care sa primeasca un proiect si sa se descurce singuri.

Nytro Mentor

Nytro

Posted
  • Author
Posted

Ca beneficii firma ofera tot ce v-ati putea dori.

Ca pozitie, ar fi OK ca persoana sa fie senior si sa se poata descurca singura pe un proiect. Sunt multe aplicatii web, asta cred ca e cel mai important, dar si multe alte lucruri.

PS: Avem si bug bounty daca sunt persoane interesate.

 

Cine vrea sa stie mai multe, astept PM. Sau ne vedem la Defcamp.

Nytro Mentor

Nytro

Posted
  • Author
Posted

Acela este "Vulnerability Disclosure Program", nu se plateste, dar se ofera reputatie HackerOne. Bug bounty e momentan privat (invite-only). Parca (nu ma ocup eu de el).

  • Upvote 1

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...