Security Research Engineer

Position OverviewWe are seeking a Security Research Engineer to operate as a hybrid Forward Deployed Engineer and offensive security researcher. You'll be on the front lines of customer engagements — using our open source tool Apex to run pentests, curate and present findings, and stand up our platform inside customer environments. In parallel, you'll drive original offensive and open source security research, and feed everything you learn in the field back into the product so Pensar keeps getting sharper as a pentesting platform.This role is customer-facing by design. The ideal candidate is equally comfortable in a terminal popping shells with Apex, on a Zoom with a CISO walking through findings, and in a design review arguing for the next product capability.Key ResponsibilitiesCustomer Engagements & Forward Deployed WorkRun end-to-end pentest engagements for customers using Apex, our open source offensive security toolCurate, triage, and contextualize findings for customer audiences ranging from engineers to executivesDeliver clear, prioritized write-ups and walk customers through results, exploitation paths, and remediationSet up and configure the Pensar platform inside customer environments, including integrations and workflowsAct as a trusted technical partner for customers throughout onboarding, engagements, and ongoing usageTravel to customer sites as needed for kickoffs, readouts, and on-site testingOffensive Security ResearchConduct original offensive security research across web, cloud, infrastructure, and AI/LLM attack surfacesDevelop new exploitation techniques, payloads, and tooling that extend Apex's capabilitiesBuild automated testing methodologies for emerging vulnerability classes and attacker tradecraftTrack the evolving threat landscape and translate it into concrete detections and capabilitiesOpen Source Security ResearchLead vulnerability research across high-impact open source projects and ecosystemsVerify findings, build proof-of-concept exploits, and coordinate responsible disclosure with maintainersContribute patches, advisories, and tooling back to the open source communityGrow Pensar's reputation in the security research community through publications, talks, and contributionsProduct Feedback & Pentesting RoadmapTranslate firsthand engagement experience into concrete recommendations for the product roadmapPartner with engineering and product on capabilities, UX, and automation that make pentesting faster and more reliableParticipate in architecture and design reviews with a focus on the pentester's workflowHelp shape Apex's direction as an open source project alongside the internal platformRequired Qualifications5+ years of experience in offensive security, pentesting, red teaming, or vulnerability researchStrong programming skills in multiple languages (Python, Go, JavaScript, C/C++)Deep, hands-on understanding of modern vulnerability classes across web, cloud, and infrastructureProven track record of running pentest engagements end-to-end and delivering findings to customersExcellent customer-facing communication skills — comfortable presenting to both engineers and executivesExperience contributing to or maintaining open source security toolingBachelor's degree in Computer Science, Cybersecurity, or related field, or equivalent experiencePreferred QualificationsExperience with AI/LLM-assisted offensive security or building security automation on top of LLMsPrior Forward Deployed Engineer, solutions engineering, or consulting experience at a security or developer tools companySecurity certifications (OSCP, OSCE, OSWE, GXPN, or equivalent)Public security research, CVEs, conference talks, or notable open source contributionsExperience with cloud security (AWS, GCP, Azure) and containerized environmentsFamiliarity with compliance frameworks (SOC 2, ISO 27001, PCI DSS) as they relate to pentestingCompensationBase salary: $120,000 – $175,000 per year, depending on experienceMeaningful equity in an early-stage offensive security companyFinal offers calibrated to depth of offensive security experience, the breadth of your research record, and the level you join atWhat We OfferComprehensive health, dental, and vision insuranceDirect ownership of customer engagements and offensive research at an early-stage security companyProfessional development budget for conferences, training, and certificationsSupport for publishing research and presenting at industry conferencesDirect, visible impact on both our open source tooling and commercial platformReports ToCEO / CTOWe are an equal opportunity employer committed to diversity and inclusion. We welcome applications from all qualified candidates regardless of race, gender, age, religion, sexual orientation, or disability status.