Security Research Engineer

Pensar

New York, NY

Apply

JOB DETAILS

SALARY

$120,000–$175,000

SKILLS

Amazon Web Services (AWS), Artificial Intelligence (AI), Automation, Budgeting, C Programming Language, C++ Programming Language, Cloud Computing, Communication Skills, Computer Programming, Computer Science, Concrete, Conferences, Consulting, Customer Relations, Delivery Driving, Develop Methodologies, Diversity, Ecosystems, Establish Priorities, GCP (Good Clinical Practices), Go Programming Language (Golang), Home Automation, ISO (International Organization for Standardization), Internet Research, Internet Security, JavaScript, Machine Tool, Microsoft Windows Azure, Onboarding, Online Courses, Open Source, PCI-DSS, Product Planning, Programming Tools, Proof of Concept, Publications, Python Programming/Scripting Language, Quality Assurance Methodology, Research Skills, Software Patches, Systems Administration/Management, Technical Presentation, Test Automation, User Interface/Experience (UI/UX), Wheel/Front-End Loader, Willing to Travel

LOCATION

New York, NY

POSTED

3 days ago

We are seeking a Security Research Engineer to operate as a hybrid Forward Deployed Engineer and offensive security researcher. You'll be on the front lines of customer engagements — using our open source tool Apex to run pentests, curate and present findings, and stand up our platform inside customer environments. In parallel, you'll drive original offensive and open source security research, and feed everything you learn in the field back into the product so Pensar keeps getting sharper as a pentesting platform.

This role is customer-facing by design. The ideal candidate is equally comfortable in a terminal popping shells with Apex, on a Zoom with a CISO walking through findings, and in a design review arguing for the next product capability.

Key Responsibilities

Customer Engagements & Forward Deployed Work

Run end-to-end pentest engagements for customers using Apex, our open source offensive security tool
Curate, triage, and contextualize findings for customer audiences ranging from engineers to executives
Deliver clear, prioritized write-ups and walk customers through results, exploitation paths, and remediation
Set up and configure the Pensar platform inside customer environments, including integrations and workflows
Act as a trusted technical partner for customers throughout onboarding, engagements, and ongoing usage
Travel to customer sites as needed for kickoffs, readouts, and on-site testing

Offensive Security Research

Conduct original offensive security research across web, cloud, infrastructure, and AI/LLM attack surfaces
Develop new exploitation techniques, payloads, and tooling that extend Apex's capabilities
Build automated testing methodologies for emerging vulnerability classes and attacker tradecraft
Track the evolving threat landscape and translate it into concrete detections and capabilities

Open Source Security Research

Lead vulnerability research across high-impact open source projects and ecosystems
Verify findings, build proof-of-concept exploits, and coordinate responsible disclosure with maintainers
Contribute patches, advisories, and tooling back to the open source community
Grow Pensar's reputation in the security research community through publications, talks, and contributions

Product Feedback & Pentesting Roadmap

Translate firsthand engagement experience into concrete recommendations for the product roadmap
Partner with engineering and product on capabilities, UX, and automation that make pentesting faster and more reliable
Participate in architecture and design reviews with a focus on the pentester's workflow
Help shape Apex's direction as an open source project alongside the internal platform

Compensation

Base salary: $120,000 – $175,000 per year, depending on experience
Meaningful equity in an early-stage offensive security company
Final offers calibrated to depth of offensive security experience, the breadth of your research record, and the level you join at

Reports To

CEO / CTO

We are an equal opportunity employer committed to diversity and inclusion. We welcome applications from all qualified candidates regardless of race, gender, age, religion, sexual orientation, or disability status.

Requirements

5+ years of experience in offensive security, pentesting, red teaming, or vulnerability research

Strong programming skills in multiple languages (Python, Go, JavaScript, C/C++)
Deep, hands-on understanding of modern vulnerability classes across web, cloud, and infrastructure
Proven track record of running pentest engagements end-to-end and delivering findings to customers
Excellent customer-facing communication skills — comfortable presenting to both engineers and executives
Experience contributing to or maintaining open source security tooling
Bachelor's degree in Computer Science, Cybersecurity, or related field, or equivalent experience

Preferred Qualifications

Experience with AI/LLM-assisted offensive security or building security automation on top of LLMs
Prior Forward Deployed Engineer, solutions engineering, or consulting experience at a security or developer tools company
Security certifications (OSCP, OSCE, OSWE, GXPN, or equivalent)
Public security research, CVEs, conference talks, or notable open source contributions
Experience with cloud security (AWS, GCP, Azure) and containerized environments
Familiarity with compliance frameworks (SOC 2, ISO 27001, PCI DSS) as they relate to pentesting

Benefits

Comprehensive health, dental, and vision insurance

Direct ownership of customer engagements and offensive research at an early-stage security company
Professional development budget for conferences, training, and certifications
Support for publishing research and presenting at industry conferences
Direct, visible impact on both our open source tooling and commercial platform

About the Company

Pensar

Resume Resources

Free Resume Templates Free Resume Builder