Pentest Product Associate

About the role

We're looking for a Pentest Product Associate to join our Product team and help expand the power of Wiz. In this pivotal role, you will be the primary operator of our cutting-edge AI-driven Dynamic Application Security Testing (DAST) agent while simultaneously innovating detection mechanisms for cloud-native technologies. You will bridge the gap between automated AI testing and cloud infrastructure, defining the "rules of engagement" for our agents to ensure they effectively simulate sophisticated attacks and accurately classify the modern attack surface.

Responsibilities

• Engineer Detection & Attack Logic: Develop advanced detection algorithms to classify cloud technologies while fine-tuning the attack policies that define how our agents identify and exploit vulnerabilities.
• Validate Complex Findings: Analyze cloud services, APIs, and log payloads to review complex attack paths, reducing false positives and ensuring compliance with industry standards.
• Research Novel Threats: Stay at the forefront of novel attack vectors and emerging cloud/API threats, translating new techniques into executable behaviors for the Wiz DAST engine.
• Drive Product Evolution: Collaborate directly with Research, Backend, and R&D teams to turn operational insights into feature requests, positioning Wiz as the market leader in vulnerability management.

Requirements

• 1+ years of hands-on experience in AppSec or penetration testing, including proficiency with enterprise tools like Burp Suite, OWASP ZAP, or Acunetix.
• Solid knowledge of networking concepts, the OSI model, and cloud infrastructure (AWS, Azure, or GCP).
• Hands-on experience with Linux, Windows, Docker, Kubernetes, and a strong command of web protocols (HTTP/S, REST, GraphQL) and auth mechanisms (OAuth, SAML).
• Proficiency in scripting languages such as Python, Bash, or Go to automate security tasks and interact directly with the codebase.
• An analytical mindset with the ability to diagnose complex logs and scans to distinguish between tool failures, configuration issues, and valid security findings.
• Self-motivated with the ability to work collaboratively and communicate high-stakes security concepts effectively across teams.
• BONUS POINTS
• Knowledge of AI/ML and how LLMs or reinforcement learning agents operate within a cybersecurity context.
• SaaS and cloud experience with familiarity in AWS, Azure, or GCP environments and modern cloud-native architectures.
• A red teaming background with experience in simulated adversarial attacks and bypassing standard WAF or security controls.
• Applicants must have the legal right to work in the country where the position is based, without the need for visa sponsorship. This role does not offer visa sponsorship .
• By submitting your application, you acknowledge that Wiz will process your personal data in accordance with Wiz's Privacy Policy.

Benefits

Additional Information

Come join the company that is reinventing cloud security and empowering businesses to thrive in the cloud. As the fastest-growing startup ever, Wiz is on a mission to help organizations secure cloud environments that will accelerate their businesses. Trusted by security teams all over the world, we have a proven track record of success and a culture that values world-class talent. Our Wizards from over 20 countries work together to protect the infrastructure of our hundreds of customers, including over 50% of the Fortune 100, who trust us to scan and secure over 230 billion files daily. We're the leading player in a massive and growing market, but it's still early enough for you to make a significant impact. At Wiz, you'll have the freedom to think creatively, dream big, and use your full range of skills to contribute to our record growth. Come join our team and help us create secure cloud environments that allow the best companies to move faster.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at Wiz? Share your experience