🛠 Tech Stack

💼 About This Role

You'll own offensive security end-to-end at Lovable, a platform where millions build software with AI. You'll push Lovable's platform to its limits, hunt vulnerabilities across AI pipelines and user-generated code, and make sure attackers never get there before you do.

🎯 What You'll Do

• Plan and execute penetration tests across web, mobile, APIs, and cloud.
• Probe LLM integrations for prompt injection and data leakage.
• Stress-test user-generated code for systemic vulnerabilities.
• Work with engineering to prioritize, remediate, and verify fixes.

📋 Requirements

• 5+ years of hands-on penetration testing across web, mobile, APIs, and cloud.
• Deep expertise in OWASP and offensive security techniques.
• Experience attacking AI-native products or LLM-integrated systems.
• Strong understanding of cloud environments (GCP, AWS, Cloudflare).

✨ Nice to Have

• Experience with red team operations or supply chain attacks.
• Familiarity with SAST/DAST tooling.
• Background in CVE disclosure or security research.

🎁 Benefits & Perks

• 🌍 Remote-friendly culture with hubs in Stockholm.
• 💰 Competitive equity package.
• 🏖️ Flexible PTO policy.
• 📚 Learning budget for conferences and training.
• 🥗 Daily lunch provided in office.