Welcome to the future of cloud networking and security!

Cato Networks is the first company to converge enterprise networking and security into one centralized and global service that is delivered by cloud. It is led by networking and security pioneer Shlomo Kramer (Check Point, Imperva) and early investor (Palo Alto Networks, Exabeem, Trusteer and more). Cato’s unique technology inspired a brand-new product category, later named “SASE” by Gartner and a market expected to reach $28.5 billion by 2028.

This is your opportunity to get on the rocket ship and join a company that is building a cutting-edge enterprise network and secure cloud platform, and is on a fast track to becoming the worldwide market leader – don’t miss it!

We're looking for an Application Security Researcher to join us. In this critical role, you will assist us in validating our services and environments according to the highest security standards. Also, You will work closely with our R&D and Product teams, and solve complex security problems.

Responsibilities:

• Continuously checking and improving security measures to protect our systems.

• Reviewing system architecture, design, and code to find and fix security weaknesses before they become a problem.

• Helping developers follow secure coding practices and learn how to prevent security risks.

• Staying updated on new security threats and best practices to keep our security standards high.

• Contributing to Cato’s security research blog.

Requirements:

• At least 3 years of experience in application security or vulnerability research.

• Hands-on experience in penetration testing for web, mobile, infrastructure, and thick client applications.

• Experience bypassing security tools like RBI, EDR, and DLP.

• Programming skills, with a preference for Java, Go, or C.

• Ability to find and fix security flaws in open-source libraries and third-party software.

• Knowledge of supply chain attacks and how to prevent them.

• Hands-on experience with AWS cloud attacks and mitigations (preferred).

• Understanding of microservices architectures, Docker, and Kubernetes.

• Strong problem-solving skills and the ability to work independently.

• Good communication skills and a passion for sharing knowledge.

• Understanding of network security and encryption protocols.

Additional Skills (Preferred):

• Experience using SAST/DAST tools for static and dynamic code analysis.

• Experience working in Agile teams and collaborating with different departments.

• Security certifications like OSCP, CRTP, OSWE, or similar.

• Ability to lead security projects and initiatives.

• Adaptability to a fast-paced environment.

• Knowledge of current security threats and how to defend against them.

• Experience with writing security blogs, CVE research, or bug bounty programs is a plus.

• BSc in Computer Science- an advantage.