Security Research Engineer
Pensar · New York, NY · 1 mo ago
On-siteEngineering$120k–$175k/yrFull-time
Key Responsibilities
- Run end-to-end pentest engagements for customers using Apex, our open source offensive security tool
- Curate, triage, and contextualize findings for customer audiences ranging from engineers to executives
- Deliver clear, prioritized write-ups and walk customers through results, exploitation paths, and remediation
- Set up and configure the Pensar platform inside customer environments, including integrations and workflows
- Act as a trusted technical partner for customers throughout onboarding, engagements, and ongoing usage
- Travel to customer sites as needed for kickoffs, readouts, and on-site testing
Offensive Security Research
- Conduct original offensive security research across web, cloud, infrastructure, and AI/LLM attack surfaces
- Develop new exploitation techniques, payloads, and tooling that extend Apex's capabilities
- Build automated testing methodologies for emerging vulnerability classes and attacker tradecraft
- Track the evolving threat landscape and translate it into concrete detections and capabilities
Open Source Security Research
- Lead vulnerability research across high-impact open source projects and ecosystems
- Verify findings, build proof-of-concept exploits, and coordinate responsible disclosure with maintainers
- Contribute patches, advisories, and tooling back to the open source community
- Grow Pensar's reputation in the security research community through publications, talks, and contributions
Product Feedback & Pentesting Roadmap
- Translate firsthand engagement experience into concrete recommendations for the product roadmap
- Partner with engineering and product on capabilities, UX, and automation that make pentesting faster and more reliable
- Participate in architecture and design reviews with a focus on the pentester's workflow
- Help shape Apex's direction as an open source project alongside the internal platform