Position Overview

We are seeking a Security Research Engineer to operate as a hybrid Forward Deployed Engineer and offensive security researcher. You'll be on the front lines of customer engagements — using our open source tool Apex to run pentests, curate and present findings, and stand up our platform inside customer environments. In parallel, you'll drive original offensive and open source security research, and feed everything you learn in the field back into the product so Pensar keeps getting sharper as a pentesting platform.

This role is customer-facing by design. The ideal candidate is equally comfortable in a terminal popping shells with Apex, on a Zoom with a CISO walking through findings, and in a design review arguing for the next product capability.

Key Responsibilities

Customer Engagements & Forward Deployed Work

Run end-to-end pentest engagements for customers using Apex, our open source offensive security tool
Curate, triage, and contextualize findings for customer audiences ranging from engineers to executives
Deliver clear, prioritized write-ups and walk customers through results, exploitation paths, and remediation
Set up and configure the Pensar platform inside customer environments, including integrations and workflows
Act as a trusted technical partner for customers throughout onboarding, engagements, and ongoing usage
Travel to customer sites as needed for kickoffs, readouts, and on-site testing

Offensive Security Research

Conduct original offensive security research across web, cloud, infrastructure, and AI/LLM attack surfaces
Develop new exploitation techniques, payloads, and tooling that extend Apex's capabilities
Build automated testing methodologies for emerging vulnerability classes and attacker tradecraft
Track the evolving threat landscape and translate it into concrete detections and capabilities

Open Source Security Research

Lead vulnerability research across high-impact open source projects and ecosystems
Verify findings, build proof-of-concept exploits, and coordinate responsible disclosure with maintainers
Contribute patches, advisories, and tooling back to the open source community
Grow Pensar's reputation in the security research community through publications, talks, and contributions

Product Feedback & Pentesting Roadmap

Translate firsthand engagement experience into concrete recommendations for the product roadmap
Partner with engineering and product on capabilities, UX, and automation that make pentesting faster and more reliable
Participate in architecture and design reviews with a focus on the pentester's workflow
Help shape Apex's direction as an open source project alongside the internal platform

Required Qualifications

5+ years of experience in offensive security, pentesting, red teaming, or vulnerability research
Strong programming skills in multiple languages (Python, Go, JavaScript, C/C++)
Deep, hands-on understanding of modern vulnerability classes across web, cloud, and infrastructure
Proven track record of running pentest engagements end-to-end and delivering findings to customers
Excellent customer-facing communication skills — comfortable presenting to both engineers and executives
Experience contributing to or maintaining open source security tooling
Bachelor's degree in Computer Science, Cybersecurity, or related field, or equivalent experience

Preferred Qualifications

Experience with AI/LLM-assisted offensive security or building security automation on top of LLMs
Prior Forward Deployed Engineer, solutions engineering, or consulting experience at a security or developer tools company
Security certifications (OSCP, OSCE, OSWE, GXPN, or equivalent)
Public security research, CVEs, conference talks, or notable open source contributions
Experience with cloud security (AWS, GCP, Azure) and containerized environments
Familiarity with compliance frameworks (SOC 2, ISO 27001, PCI DSS) as they relate to pentesting

Compensation

Base salary: $120,000 – $175,000 per year, depending on experience
Meaningful equity in an early-stage offensive security company
Final offers calibrated to depth of offensive security experience, the breadth of your research record, and the level you join at

What We Offer

Comprehensive health, dental, and vision insurance
Direct ownership of customer engagements and offensive research at an early-stage security company
Professional development budget for conferences, training, and certifications
Support for publishing research and presenting at industry conferences
Direct, visible impact on both our open source tooling and commercial platform

Reports To

CEO / CTO

We are an equal opportunity employer committed to diversity and inclusion. We welcome applications from all qualified candidates regardless of race, gender, age, religion, sexual orientation, or disability status.

Position Overview

Key Responsibilities

Customer Engagements & Forward Deployed Work

Run end-to-end pentest engagements for customers using Apex, our open source offensive security tool
Curate, triage, and contextualize findings for customer audiences ranging from engineers to executives
Deliver clear, prioritized write-ups and walk customers through results, exploitation paths, and remediation
Set up and configure the Pensar platform inside customer environments, including integrations and workflows
Act as a trusted technical partner for customers throughout onboarding, engagements, and ongoing usage
Travel to customer sites as needed for kickoffs, readouts, and on-site testing

Offensive Security Research

Conduct original offensive security research across web, cloud, infrastructure, and AI/LLM attack surfaces
Develop new exploitation techniques, payloads, and tooling that extend Apex's capabilities
Build automated testing methodologies for emerging vulnerability classes and attacker tradecraft
Track the evolving threat landscape and translate it into concrete detections and capabilities

Open Source Security Research

Lead vulnerability research across high-impact open source projects and ecosystems
Verify findings, build proof-of-concept exploits, and coordinate responsible disclosure with maintainers
Contribute patches, advisories, and tooling back to the open source community
Grow Pensar's reputation in the security research community through publications, talks, and contributions

Product Feedback & Pentesting Roadmap

Translate firsthand engagement experience into concrete recommendations for the product roadmap
Partner with engineering and product on capabilities, UX, and automation that make pentesting faster and more reliable
Participate in architecture and design reviews with a focus on the pentester's workflow
Help shape Apex's direction as an open source project alongside the internal platform

Required Qualifications

5+ years of experience in offensive security, pentesting, red teaming, or vulnerability research
Strong programming skills in multiple languages (Python, Go, JavaScript, C/C++)
Deep, hands-on understanding of modern vulnerability classes across web, cloud, and infrastructure
Proven track record of running pentest engagements end-to-end and delivering findings to customers
Excellent customer-facing communication skills — comfortable presenting to both engineers and executives
Experience contributing to or maintaining open source security tooling
Bachelor's degree in Computer Science, Cybersecurity, or related field, or equivalent experience

Preferred Qualifications

Experience with AI/LLM-assisted offensive security or building security automation on top of LLMs
Prior Forward Deployed Engineer, solutions engineering, or consulting experience at a security or developer tools company
Security certifications (OSCP, OSCE, OSWE, GXPN, or equivalent)
Public security research, CVEs, conference talks, or notable open source contributions
Experience with cloud security (AWS, GCP, Azure) and containerized environments
Familiarity with compliance frameworks (SOC 2, ISO 27001, PCI DSS) as they relate to pentesting

Compensation

Base salary: $120,000 – $175,000 per year, depending on experience
Meaningful equity in an early-stage offensive security company
Final offers calibrated to depth of offensive security experience, the breadth of your research record, and the level you join at

What We Offer

Comprehensive health, dental, and vision insurance
Direct ownership of customer engagements and offensive research at an early-stage security company
Professional development budget for conferences, training, and certifications
Support for publishing research and presenting at industry conferences
Direct, visible impact on both our open source tooling and commercial platform

Reports To

CEO / CTO

Security Research Engineer

Position Overview

Key Responsibilities

Customer Engagements & Forward Deployed Work

Offensive Security Research

Open Source Security Research

Product Feedback & Pentesting Roadmap

Required Qualifications

Preferred Qualifications

Compensation

What We Offer

Reports To

Send us a note about why this role.

Security Research Engineer

Position Overview

Key Responsibilities

Customer Engagements & Forward Deployed Work

Offensive Security Research

Open Source Security Research

Product Feedback & Pentesting Roadmap

Required Qualifications

Preferred Qualifications

Compensation

What We Offer

Reports To

Send us a note about why this role.