🛠 Tech Stack

💼 About This Role

You'll perform offensive security research on web applications and APIs to identify real-world vulnerabilities. You'll translate manual penetration testing techniques into automated detection and exploitation logic for a hypergrowth cybersecurity startup's platform. You'll directly enhance the platform's automated red team capabilities.

🎯 What You'll Do

• Research web application and API security vulnerabilities
• Identify, validate, and reproduce real-world vulnerabilities
• Translate manual pentesting into automated detection logic
• Develop payloads and exploit strategies

📋 Requirements

• 5+ years in vulnerability research, penetration testing, or offensive security
• Expertise in web application and API security, including authentication flows
• Proven experience identifying vulnerabilities like IDOR, business logic flaws, authentication bypasses
• Ability to analyze HTTP requests/responses and application behavior

✨ Nice to Have

• Strong Python development skills
• Experience with browser automation (Playwright, Selenium, Puppeteer)
• Familiarity with GraphQL, gRPC, WebSockets, or mobile APIs

🎁 Benefits & Perks

• 🌍 100% Remote Work
• 💰 Highly Competitive USD Pay
• 🏖️ Paid Time Off
• ⚡ Work with Autonomy

📨 Hiring Process

Estimated timeline: 2-4 weeks · AI estimate

1. 1Recruiter Screen· 30 min
2. 2Technical Interview· 60 min
3. 3Final Interview· 45 min

🚩 Heads Up

• Must be located in Latin America (limited remote flexibility)
• No salary listed (estimated only)