Penetration Tester

Penetration Tester

Genesys Cloud Product Security is hiring a penetration tester focused on product-level offensive security. This role centers on identifying and helping remediate vulnerabilities across Genesys Cloud's web and mobile applications, public APIs, and supporting infrastructure, while owning our bug bounty program end-to-end.

Genesys Cloud is a cloud-native, multi-tenant SaaS platform on AWS, with modern web experiences, extensive APIs, and rapidly growing AI capabilities. This role suits a hands-on tester who can independently deliver meaningful assessments today and grow into a senior product security role. You'll leverage AI-assisted workflows and contribute to securing AI-enabled features. AI experience is a plus, but strong web/API security fundamentals and curiosity are key.

What You'll Do

• Perform manual penetration testing across web apps, APIs, and infrastructure
• Assess auth/authz, tenant isolation, input validation, business logic, and data exposure risks
• Identify issues beyond automated scanning, especially in modern UI/API-driven flows
• Develop clear PoCs, validate findings, and retest fixes
• Improve testing playbooks, tooling, and repeatable practices

• Own day-to-day management: scope, policies, rewards, and researcher engagement
• Triage submissions, validate impact, align severity, and track remediation
• Partner with engineering to route and resolve findings
• Maintain high-quality communication with external researchers

• Evaluate attack paths in a multi-tenant AWS environment
• Understand architecture, trust boundaries, and service interactions
• Identify weaknesses in API usage, input handling, and access controls
• Contribute to security reviews with an attacker mindset

• Use AI-assisted workflows to enhance testing and analysis
• Assess AI-enabled features for risks like prompt injection, data leakage, and misuse
• Ensure AI features respect tenant boundaries and authorization controls

• Work closely with engineers to deliver actionable remediation guidance
• Produce clear, high-quality reports
• Operate effectively in a distributed, collaborative team

What You'll Bring

• ~3+ years in penetration testing, application/product security, or similar
• Strong hands-on experience testing web applications and APIs
• Solid understanding of common vulnerabilities (auth flaws, injection, business logic, multi-tenant risks)
• Proficiency with tools like Burp Suite, dev tools, and scripting
• Knowledge of auth mechanisms (cookies, tokens, OAuth, sessions)
• Familiarity with cloud-native systems and AWS fundamentals
• Strong communication and problem-solving skills
• Ability to work independently and own testing and bug bounty workflows

• Experience with SaaS or large-scale customer-facing platforms
• Knowledge of AWS, microservices, and event-driven systems
• API security testing at scale (auth abuse, rate limits, data exposure)
• Understanding of modern front-end architectures
• Exposure to AI/LLM security risks
• Basic coding/scripting (Python, JS/TS, Java, etc.)
• CI/CD, security automation, or threat modeling experience
• Prior bug bounty program involvement

Technologies

• AWS and cloud-native architectures
• Modern web apps and public APIs (REST, OAuth)
• Distributed, multi-tenant SaaS systems
• Automation and AI-assisted workflows
• AI-enabled product features
• Bug bounty and coordinated disclosure programs

Our Benefits

At Genesys, we're committed to supporting your well-being, growth, and work–life balance. Our comprehensive benefits package includes:

• Flexible work options – Choose what works for you with hybrid schedules, work-from-home flexibility, and the option to collaborate onsite in our state-of-the-art Galway office.
• Career development & growth – Access continuous learning opportunities, mentoring, and clear paths for advancement.
• Competitive pension scheme – Invest in your future with an excellent employer-supported pension plan.
• Annual bonus program – Be rewarded for your impact and contributions.
• Comprehensive health coverage – Including private health insurance, access to company dental plan, and wellness supports.
• Financial protection – Enjoy Income Protection and Life Assurance, along with access to dedicated financial planning resources to help you make confident, informed decisions about your future.
• Family-friendly policies – Generous paid maternity and paternity leave, along with supportive leave options designed for every stage of life.