Pentest Product Associate (DAST)
Job description
TL;DR
Pentest Product Associate (DAST): Operate an AI-driven Dynamic Application Security Testing (DAST) agent and expand detection mechanisms for cloud-native technologies, with an emphasis on defining agent “rules of engagement” and accurately classifying the modern attack surface. Focus on building detection/attack logic, validating complex findings from cloud services and logs, and translating novel threats into executable behaviors for the DAST engine.
Location: Tel Aviv
Company
builds cloud security solutions that help organizations secure cloud environments.
What you will do
- Develop detection algorithms to classify cloud technologies and fine-tune attack policies for the DAST agent.
- Analyze cloud services, APIs, and log payloads to validate attack paths, reduce false positives, and support compliance.
- Research novel attack vectors and emerging cloud/API threats, converting new techniques into executable behaviors for the DAST engine.
- Collaborate with Research, Backend, and R&D teams to turn operational insights into product feature requests for vulnerability management.
Requirements
- 2+ years of hands-on experience in AppSec or penetration testing.
- Proficiency with enterprise tools such as Burp Suite, OWASP ZAP, or Acunetix.
- Solid networking knowledge (OSI model) and cloud infrastructure experience (AWS, Azure, or GCP).
- Hands-on experience with Linux, Windows, Docker, and Kubernetes; strong command of web protocols (HTTP/S, REST, GraphQL) and auth mechanisms (OAuth, SAML).
- Ability to script and automate security tasks using Python, Bash, or Go.
- Analytical mindset to diagnose complex logs and scans and distinguish tool failures/configuration issues from valid findings.
Culture & Benefits
- Work with an AI-driven security testing agent and cross-functional teams across Research, Backend, and R&D.
- Startup environment with room to make a significant impact during rapid growth.
- Mission-focused culture centered on securing cloud environments and enabling faster business movement.
- Equal opportunity employer.
Hiring process
- Application review followed by interviews to assess AppSec/pentest experience and ability to reason about complex security findings.
- Evaluation of fit for product work bridging automated testing and cloud infrastructure.