Webapp Offensive Security Software Engineer (Cybersecurity)

TL;DR

Webapp Offensive Security Software Engineer (Cybersecurity): Designing and integrating web application penetration testing content into the NodeZero platform with an accent on autonomous pentesting and AI-enhanced security techniques. Focus on building novel attack capabilities, implementing AI-driven vulnerability detection, and automating exploitation workflows.

Location: 100% Remote (Available anywhere, including LATAM)

Salary: $185,000 – $240,000 annually

Company

A fast-growing cybersecurity company specializing in autonomous pentesting through its flagship NodeZero platform.

What you will do

• Design, develop, and integrate web application offensive security content and novel attack capabilities into the NodeZero platform.
• Research and implement AI-driven methods for vulnerability detection, exploitation, and workflow automation.
• Extend and maintain platform architecture, data models, and system design to support new features.
• Integrate open-source and in-house tools, ensuring quality via testing and code reviews.
• Author technical blog posts showcasing new research, exploits, or attack methodologies.
• Mentor junior engineers and contribute to the improvement of team processes.

Requirements

• Extensive experience conducting full-scope web application penetration tests.
• Proficiency with proxy tools like Burp Suite and browser developer tools.
• Strong skills in object-oriented programming and test-driven development.
• Experience applying AI-assisted development tools to security research and automation.
• Familiarity with relational and graph databases, particularly Postgres and Neo4j.
• Proven track record of recognized security research, including documented CVE discoveries and bug bounty contributions.

Nice to have

• Experience developing software and automation specifically for web application pentesting.
• Background in large-scale software development projects.
• Experience with LLM fine-tuning, RAG, or agentic workflows using LangChain, LangFlow, or MCP.
• OSCP (Offensive Security Certified Professional) Certification.

Culture & Benefits

• 100% remote work environment with a flexible vacation policy.
• Competitive base salary and equity packages in the form of stock options.
• Comprehensive health, vision, and dental insurance for employees and their families.
• Inclusive culture that values diversity and encourages out-of-the-box thinking.
• Generous parental leave.