Company hidden
5 hours ago

Webapp Offensive Security Engineer (Cybersecurity)

$196,000 - $242,000
Work format: remote (USA only)
Job type: fulltime
Grade: senior
English: b2
Country: US
Vacancy from Hirify Global, a list of international tech companies

Job description

TL;DR

Webapp Offensive Security Engineer (Cybersecurity): Conducting hands-on web application penetration testing to identify complex vulnerabilities and edge cases, with an emphasis on manual exploitation and business-logic flaws. Focus on partnering with software engineers to translate manual findings into durable, autonomous product coverage for the NodeZero platform.

Location: Must be based in the US

Salary: $196,000–$242,000

Company

hirify.global is a cybersecurity company providing autonomous pentesting solutions to help organizations proactively identify and verify exploitable attack vectors.

What you will do

  • Perform full-scope manual web application penetration tests against live customer environments.
  • Identify coverage gaps and blind spots in the autonomous NodeZero platform.
  • Develop production-safe proof-of-concept exploits to demonstrate complex attack chains.
  • Collaborate with software engineers to define detection logic and improve product coverage.
  • Maintain a library of regression and benchmark test cases to ensure long-term product quality.
  • Author technical research and blog posts regarding new exploits and attack methodologies.

Requirements

  • Must be based in the US
  • Extensive hands-on experience conducting full-scope web application penetration tests.
  • Deep practical knowledge of web vulnerability classes like SQLi, XSS, SSRF, IDOR, and auth bypass.
  • Strong proficiency with proxy tools such as Burp Suite and browser developer tools.
  • Ability to script proof-of-concept exploits using Python or similar languages.
  • Proven history of security research, CVE discoveries, or bug bounty contributions.

Nice to have

  • Experience with autonomous or AI-driven pentesting tools.
  • Background in writing detection content like Nuclei templates or custom Burp extensions.
  • Familiarity with Postgres, Neo4j, and AI/LLM agentic workflows.
  • OSCP, OSWE, or comparable offensive security certifications.

Culture & Benefits

  • Competitive salary and equity package in the form of stock options.
  • Comprehensive health, vision, and dental insurance for employees and families.
  • Flexible vacation policy and generous parental leave.
  • Inclusive, collaborative culture that values diversity and continuous learning.
  • Remote-first work model with opportunities for hybrid collaboration.
