Original listing text, shown exactly as published by the company.
Competencies/Requirements
- Experience conducting full scope web application pentests
- Experience with proxy tools like Burp and with browser developer tools
- Proficient in object-oriented programming and test-driven development, with strong analytical and problem-solving skills.
- Experience applying AI-assisted development tools to security research and automation tasks
- Curiosity about emerging AI technologies.
- Skilled in designing, evaluating, and communicating technical solutions across systems, APIs, algorithms, and data structures.
- Familiarity with relational and graph databases, particularly Postgres and Neo4j.
- Strong written and verbal communication, including technical documentation.
- Ability to manage multiple priorities, work independently, and mentor teammates of varying experience levels.
- Quick to learn and adopt new technologies as needed.
- History of recognized security research, including documented CVE discoveries and responsible disclosure
- Track record of successful bug bounty contributions
Desired/Nice to Have
- Experience developing software and automation to aid in web application pentesting
- Background in large-scale software development projects.
- Experience fine-tuning language models or implementing retrieval-augmented generation (RAG) for security-focused applications.
- Experience with AI/LLM tools for building agentic workflows (e.g., LangChain, LangFlow) and integrating contextual data using protocols like Model Context Protocol (MCP).
Expectations
- Outstanding problem-solving aptitude.
- Be self-motivated and highly energetic, with the ability to operate effectively with limited supervision and guidance.
- Work with our security researchers to understand the technical aspects of reverse-engineered exploits and weaponizing these exploits into the product.
- Strong technical documentation and communication skills.
- Document findings, methodologies, and recommendations for both technical and non-technical stakeholders.
- Proficient in designing, presenting, and evaluating technical solutions.
What makes you stand out
- Demonstrated examples of using AI to enhance or automate exploit development
- OSCP (Offensive Security Certified Professional) Certification
Travel Required
We are a fully remote company, and this job may require up to 15% of travel to be successful. Job-related travel expenses are reviewed and must be approved by your manager.
Other Duties
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Duties, responsibilities, and activities may change at any time with or without notice.