Security Researcher - Remote
13 hours ago
Job description
Build the future of offensive security with XBOW. Attackers are already using AI to move faster than defenders can react—we're creating the platform that puts security ahead in the arms race. Our AI-powered system autonomously discovers, validates, and even exploits vulnerabilities, giving organizations proof-backed results in hours instead of weeks.
Founded by Oege de Moor, creator of GitHub Copilot, and backed by Sequoia, Altimeter, and other leading investors, XBOW is applying cutting-edge AI to one of the world's most urgent problems. In just over a year, our AI, built by a world-class AI team and legendary security researchers — has uncovered thousands of real-world zero-days across the software billions rely on, and achieved the #1 ranking on HackerOne's global leaderboard.
We're a team of builders, hackers, and researchers who thrive on solving problems others think are impossible. If you want to push the boundaries of AI, reshape how security is done, and join the group defining this new era of defense — we'd love to talk.
Your Role: Security Researcher
In this role, the individual will oversee and operate a continuous initiative deploying XBOW across public bug bounty programs and selected open-source projects, ensuring all activity stays within defined scope and platform guidelines.
They will assess and rank targets based on exposure and potential impact, coordinate the rollout of new attack capabilities, and manage the flow of testing activity to balance coverage and capacity.
A core part of the day-to-day involves reviewing and confirming vulnerabilities, preparing clear and credible disclosure reports, and maintaining strong relationships with bug bounty platforms and open-source communities. They will also contribute high-quality technical write-ups of notable discoveries for public or marketing use.
Responsibilities:
- Ownership and execution of a continuous program running XBOW against public bug bounty programs, e.g. companies using HackerOne.
- Ownership and execution of a program running XBOW in collaboration with open-source projects (program to be launched in Q2).
- Ensuring that targets are attackable and our activities would be within their bug-bounty scope.
- Prioritizing targets based on attack surface and target value.
- Incorporation of pre-release XBOW software (e.g. new attack techniques or validators) into the program schedule.
- Managing the attack pipeline, including criteria for target prioritization and program capacity planning.
- Validating findings and submitting disclosure reports. This includes a particular responsibility to make sure that our reports are high quality, free of "AI slop", and well received by the target company.
- Working with public bug-bounty platforms to ensure that our activity is well-understood by them and within their platform rules.
- Working with open-source communities to build a public testing program.
- Professional write-up of interesting findings or exploits, for marketing (e.g. blogs), or public presentation (e.g. Black Hat / DEFCON).
Skills and Qualifications
Essential:
- Professional, hands-on, pentest or cybersecurity research skills.
- Strong professional written English with a cybersecurity focus. Researchers will have an editor available before publication, but written work should be strong enough to be edited.
Advantageous:
- Experience working either side of a bug-bounty program
- Professional writing in other languages
What we offer
- Compensation & Equity: Competitive salary and a generous equity package, making you a true owner of the company.
- Career Growth: Shape your role, lead the function, and grow with the company as we redefine cybersecurity.
- Meaningful Work: You will tackle technically complex challenges and play a pivotal role in the growth of our business, working alongside an amazing team and some of the world's experts to shape how AI transforms cybersecurity.
What else you should know
- Location: Remote (all team members are remote but we meet regularly and you're supported to travel to collaborate with colleagues in person)
- Contract: Full-time.
We aren't focused on seniority titles at XBOW—so if you're worried about "leveling," don't be. We care a lot more about mission fit, capability, and impact than what's on your LinkedIn headline.
We believe in people who are driven by curiosity and a willingness to learn. Even if you don't check every box, we encourage you to apply if you're excited about the role and our mission.
Similar jobs
+Build the future of offensive security with XBOW. Attackers are already using AI to move faster than defenders can react—we're creating the platform that puts security ahead in the arms race. · +Own XBOW's content strategy across the full funnel: awareness, consideration, and co ...
1 month ago
We are seeking a highly skilled Incident Manager to oversee and coordinate response efforts for cybersecurity and IT incidents within our organization. · Lead incident response processes by identifying, analyzing, and resolving security incidents across various systems and networ ...
1 week ago
We are seeking a highly skilled Engineer to join our dynamic team, · focusing on designing, implementing and maintaining complex network and cybersecurity solutions.DutiesDesign secure network infrastructure. · Configure network devices. · ...
1 month ago
We're looking for a Director, Web Experience to make the clearest expression of the XBOW brand and define web experiences that feel cinematic and credible. · ...
1 month ago
We're seeking a talented software engineer specializing in security and privacy to help grow our product security team. · Collaborate with highly technical teams to improve Tailscale's security properties. · ...
1 month ago
We are seeking a visionary Director of Engineering to lead the Platform Services team. This critical leadership role drives the architecture, development and operation of the foundational services powering our next-generation SaaS product. ...
5 days ago
Build the future of offensive security with XBOW. Attackers are already using AI to move faster than defenders can react—we're creating the platform that puts security ahead in the arms race. · Own organic growth strategy across SEO, GEO, content, and platform-native discovery ch ...
1 month ago
About XBOW · Build the future of offensive security with XBOW. Attackers are already using AI to move faster than defenders can react—we're creating the platform that puts security ahead in the arms race. Our AI-powered system autonomously discovers, validates, and even exploits ...
13 hours ago
We are looking for Cloud Services Engineer to join our Cloud Services Team. · Discover · , Catalog · , Annotate Cloud Applications · , · → Research APIs, ...
3 days ago
We're looking for a Business Development Representative to join our team at Packetlabs. As the first line of communication with a prospect, the ideal BDR has a strong understanding of the sales process and excels at researching leads, starting new relationships, and setting up Ac ...
1 month ago
As a volunteer Walk Event Coordinator, you will be responsible for organizing all aspects of planning and executing a regional walk for Canada Walks for Bladder Cancer in your community. · ...
2 days ago
As a volunteer Walk Event Coordinator for Canada Walks for Bladder Cancer in Barrie ON you will be responsible for organizing all aspects of planning and executing a regional walk. · ...
2 days ago
+BeyondTrust is a place where you can bring your purpose to life through the work that you do, creating a safer world through our cybersecurity SaaS portfolio. · ...
3 weeks ago
This is a temp role with the BeyondTrust Trust & Assurance team for 3 months for a full time Compliance Analyst role. · ...
3 weeks ago
Principal Product Designer, Integrated Workflows
Only for registered members
Mural is reimagining how teams think and create together. The Design and Research team brings clarity to complexity, shaping experiences that help people collaborate, ideate, and solve problems visually. · ...
4 weeks ago
Build the future of offensive security with XBOW. Attackers are already using AI to move faster than defenders can react—we're creating the platform that puts security ahead in the arms race. Our AI-powered system autonomously discovers, validates, and even exploits vulnerabiliti ...
13 hours ago
We're creating the platform that puts security ahead in the arms race. Our AI-powered system autonomously discovers, validates, · and even exploits vulnerabilities. · Automation of site reliability infrastructure monitoring self-healing systems. · Description and ownership of Ser ...
1 week ago
AlphaPoint has set up an AI Lab to rapidly prototype and develop AI focused applications. We are seeking a highly creative, analytical, and performance-driven Growth Hacker to help promote and develop test marketing strategies of the MVP's and prototypes that the lab develops. · ...
1 month ago
SonicWall is a cybersecurity forerunner with more than 30 years of expertise. This role will drive revenue growth by generating and nurturing high-quality Sales Accepted Leads (SALs) · Lead Generation Lead QualificationPipeline DevelopmentSales Team Collaboration ...
2 days ago
Sales Development Representative: drive revenue growth by generating and nurturing high-quality Sales Accepted Leads (SALs) for a mission-driven organization in the fast-paced cybersecurity industry. · ...
3 days ago