🛠 Tech Stack

💼 About This Role

You'll identify security vulnerabilities in web applications and APIs for a hypergrowth cybersecurity startup, then translate findings into automated testing logic. Your core impact will be evolving the platform's automated red team capabilities to help organizations proactively strengthen defenses. This role combines hands-on offensive security with automation-focused innovation. You'll collaborate closely with engineering and product teams to expand testing coverage and enhance the offensive security engine.

🎯 What You'll Do

• Perform security research on web applications, APIs, and complex workflows.
• Identify, validate, and reproduce real-world vulnerabilities in modern applications.
• Translate manual penetration testing techniques into automated detection logic.
• Develop and refine payloads, exploit strategies, and vulnerability validation methods.

📋 Requirements

• 5+ years hands-on vulnerability research or offensive security experience.
• Strong expertise in web application and API security.
• Deep understanding of authentication and authorization flows (JWT, OAuth, SSO).
• Proven experience identifying IDOR, business logic flaws, authentication bypasses, privilege escalation.

✨ Nice to Have

• Strong Python development skills.
• Experience with browser automation (Playwright, Selenium, Puppeteer).
• Familiarity with AI-driven security or automated exploitation workflows.

🎁 Benefits & Perks

• 🏖️ 100% Remote Work
• 💰 Highly Competitive USD Pay
• ⏰ Paid Time Off
• 🔧 Work with Autonomy
• 🏢 Work with Top American Companies

📨 Hiring Process

Estimated timeline: 2-4 weeks · AI estimate

1. 1Recruiter Call· 30 min
2. 2Technical Interview· 60 min
3. 3Team Fit· 45 min