Description

UiPath is looking for a Penetration Tester to help and grow the security related operations within the fast-growing product teams across the company. This is a deeply technical role which implies developing and applying formal security centric assessments against existing and in-development UiPath products and features. The Pen Tester will analyze product functional and security requirements and use state of the art testing tools, or develop/automate new tools, as needed, to assess the security level provided. It will also assist in investigating security incidents. The Penetration Tester will work with Security Engineers, together with stakeholders, and is responsible of detailing and executing the testing plans and strategies, while also building clear and concise final reports.

A successful Penetration Tester at UiPath is a self-starter, with strong analytical and problem-solving skills. Ability to maneuver in a fast-paced environment is critical, as well as handling ambiguity coupled with a deep understanding of various security threats. As a true owner of security in UiPath, great writing skills are needed, coupled with the ability to interact with stakeholders across multiple departments and teams. The Senior Penetration Tester acts as a mentor for technical peers and can transpose testing strategies and results in high level non-technical language.

Responsibilities
 

• Penetration testing & vulnerability research
• Developing automated security research tools
• Assist internal and external customers in investigating security incidents
• Recommendation of threat mitigations
• Security training and outreach to internal development teams
• Security guidance documentation
• Security tool development
• Security metrics delivery and improvements
• Assistance with recruiting activities

Required Skills
 

• BS in Computer Science or related field, or equivalent work experience
• Minimum of 5 years of experience with vulnerability testing and auditing techniques
• Minimum of 3 year of experience in coding/scripting (Python,C,C++,x86/x64 assembly language)
• Good understanding of cyber-attack tools and techniques
• Experience writing POCs for discovered vulnerabilities
• Good knowledge of system and network security
• Advanced knowledge and understanding of security engineering, authentication and security protocols, cryptography, and application security
• Experience using various penetration testing tools (such as, BurpSuite, Metasploit, Nessus, etc.)
• Experience using debuggers, disassemblers for reverse engineering (Ida)
• Experience with forensics (preferably related to APTs)