Webapp Offensive Security Software Engineer

Horizon3.ai is a remote cybersecurity company focused on proactive security assessment and offensive security techniques, including AI-enhanced methods. They are seeking an Offensive Security Software Engineer with web application penetration testing expertise and an interest in AI.

Location: US, Remote

Salary: $185,000 - $240,000 annually, plus equity

Responsibilities

• Design, develop, and integrate web application offensive security content into the NodeZero platform
• Design, develop, and integrate novel attack capabilities into the NodeZero platform, including offensive security tooling and AI-enhanced techniques
• Research and implement AI-driven methods for vulnerability detection, exploitation, and workflow automation
• Extend and maintain platform architecture, data models, and system design to support new product features
• Monitor production for issues or missed opportunities and create or resolve Jira tickets as needed
• Integrate open-source and in-house tools, ensuring quality through testing, code reviews, and production monitoring
• Investigate, own, and resolve bugs in developed content
• Collaborate cross-functionally to address customer and prospect concerns related to attack content
• Author technical blog posts showcasing new research, exploits, or attack methodologies
• Mentor junior engineers and contribute to continuous improvement of team processes and standards

Requirements

• Experience conducting full scope web application pentests
• Experience with proxy tools like Burp and with browser developer tools
• Proficient in object-oriented programming and test-driven development, with strong analytical and problem-solving skills
• Experience applying AI-assisted development tools to security research and automation tasks
• Curiosity about emerging AI technologies
• Skilled in designing, evaluating, and communicating technical solutions across systems, APIs, algorithms, and data structures
• Familiarity with relational and graph databases, particularly Postgres and Neo4j
• Strong written and verbal communication, including technical documentation
• Ability to manage multiple priorities, work independently, and mentor teammates of varying experience levels
• Quick to learn and adopt new technologies as needed
• History of recognized security research, including documented CVE discoveries and responsible disclosure
• Track record of successful bug bounty contributions

Benefits

• Inclusive Team: We value diversity and promote an inclusive culture where everyone can thrive.
• Growth Opportunities: Be part of a dynamic and growing team with numerous career development opportunities.
• Innovative Culture: Work in a collaborative environment that encourages creativity and out-of-the-box thinking.
• Remote Work: We are a 100% remote company. Enjoy the convenience and work-life balance that comes with remote work.
• Competitive Compensation: We offer competitive salary, equity and benefits. Our benefits include health, vision & dental insurance for you and your family, a flexible vacation policy, and generous parental leave.

Additional Information

• This role may require up to 15% travel, with expenses reviewed and approved by a manager.