Show more filters
Banner image for OX Security

Application Security Researcher

OX Security

3.3
1 review
OX Security
Job Type   /   Job Level
Full-time   /   Others/Any
Company Location
Poland
We’re looking for an Application Security Researcher with strong penetration testing skills and a solid development or research background to join our Security Research group. This is a critical role where you’ll work closely with developers, researchers and AI & data scientists to build OX application security platform; working on cutting-edge autonomous agentic pentests 🚀

Responsibilities:

What You’ll Be Doing

You are coming here to solve the problem of Autonomous Offense.

  • Architect the "Mind": You will design the decision-making core of our Agents. You’ll architect detection engines, design how to look at our massive data graph and leverage it for precise attacks.
  • Weaponize the Context: You will invent new classes of automated attacks that are only possible because we have ASPM data. You are turning "observability" into "exploitability."
  • Break New Ground: You will lead research on chaining logic flaws and complex vulnerabilities, moving the industry far beyond simple pattern matching.
  • Engineer the Future: You will prototype, code, and ship. This is a hands-on role for a builder who wants to see their research running in production environments globally.
  • Key member in a world-class security research group: Take active part of the ideation process and prototyping of new features and product offerings.

Requirements:

What We’re Looking For

  • 4+ years of experience in Application Security, Penetration Testing, or Secure Development
  • Strong knowledge of common vulnerabilities (OWASP Top 10, etc.) and remediation techniques
  • Experience with code-level analysis and familiarity with modern development stacks
  • Team player who can communicate clearly with technical and non-technical stakeholders
  • You have a deep background in Application Security or Red Teaming and the engineering chops to codify your intuition.
  • You thrive in elite, fast-moving environments where the path forward isn't always mapped, and you are driven by the opportunity to define it yourself
  • Familiarity with DevSecOps practices or security automation tools



The DNA We Are Looking For

We are looking for the Top 1%. The outliers. The people who are bored by standard security roles.

  • You Are a Builder-Breaker: You don’t just find bugs; you write the tools to find them faster. You are fluent in code and dangerous in a shell.
  • You Have Deep Offensive Instincts: You’ve spent years in the trenches of AppSec, Red Teaming, or high-end Pentesting. You know how systems break, and you know how to teach a machine to spot those fractures.
  • You Think in Graphs: You understand that modern security isn't a list of bugs; it's a web of connections. You get excited about traversing relationships between Code and Cloud.
  • You Are Fearless: You want to work on the bleeding edge of AI and Security. You aren't afraid of hard engineering problems that have no Stack Overflow or ChatGPT answers.

Bonus Points For

  • A track record of high-impact CVEs, public security research, podium appearances at elite conferences (BlackHat, DEFCON, etc.), or experience with bug bounty programs or red teaming.
  • Proven software engineering experience or hands-on experience experimenting with LLMs or autonomous agents to solve complex security or automation puzzles.
  • Passion for building secure products and empowering developers to do the same
Jobs in Poland   »   Jobs in Warsaw, Mazowieckie, Poland   »   Application Security Researcher

More jobs