Company

Technology

OffensiveSecurityResearcher—BrowserVulnerabilityResearch&AgenticAI

$7500–12000k ~AI est. Global FULL TIME Remote Friendly

Market Sentiment

HIGH DEMAND

Neural analysis suggests this role is
optimal for Mid+ candidates.

The Brief

“Offensive Security Researcher — Browser Vulnerability Research & Agentic AI. Skills: Browser vulnerability research, Agentic AI workflows, Vulnerability analysis, Exploit development. Discover vulnerabilities in JavaScript engines. Analyze vulnerabilities in JavaScript engines”

What You'll Achieve.

Make research more effective; Accelerate vulnerability research

Industry & Context.

Technology

Problems you'll solve

Root-cause analysis; Troubleshooting

What They're Looking For.

Must Have

Expertise in C/C++, Low-level programming expertise, Experience in reverse engineering, Fuzzing experience, Vulnerability discovery experience, Exploit development experience, Knowledge of modern browser architectures, Knowledge of JavaScript engines, Familiarity with browser security models, Familiarity with sandboxing technologies, Familiarity with IPC mechanisms, Familiarity with memory corruption primitives, Familiarity with modern exploitation mitigations, Ability to analyze large codebases, Ability to analyze complex codebases, Experience with debugging tools, Experience with reverse engineering tools, Scripting and automation skills, Ability to critically evaluate AI-generated output, Separate useful research signals from hallucinations, Separate useful research signals from noise, Separate useful research signals from false positives

Nice to Have

Experience discovering vulnerabilities in browsers, Experience exploiting vulnerabilities in browsers, Deep knowledge of browser subsystems, Experience with coverage-guided fuzzing, Custom harness development experience, Corpus management experience, Crash deduplication experience, Large-scale fuzzing infrastructure experience, Patch diffing experience, Variant analysis experience, Exploit reliability experience, Mitigation bypass research experience, Experience integrating LLMs with tools, Experience integrating AI agents with tools, Experience with local AI deployments, Experience with restricted AI deployments, Experience with open-weight models, Experience with RAG systems, Experience in secure environments, Interest in building internal tooling

What You'll Do.

Discover vulnerabilities in JavaScript engines

Analyze vulnerabilities in JavaScript engines

Discover vulnerabilities in rendering pipelines

Analyze vulnerabilities in rendering pipelines

Discover vulnerabilities in IPC mechanisms

Analyze vulnerabilities in IPC mechanisms

Discover vulnerabilities in browser sandboxes

Analyze vulnerabilities in browser sandboxes

Discover vulnerabilities in related components

Analyze vulnerabilities in related components

Reverse engineer browser internals

Develop proof-of-concept exploits

Produce technical documentation

Track modern browser security mitigations

Assess mitigation effectiveness

Use fuzzing for vulnerability identification

Use crash analysis for vulnerability identification

Use patch diffing for vulnerability identification

Use source-code auditing for vulnerability identification

Use variant analysis for vulnerability identification

Contribute to AI workflow design

Integrate AI workflows for research

Assist code review with AI

Assist crash triage with AI

Assist root-cause analysis with AI

Assist patch analysis with AI

Assist tool orchestration with AI

Work with AI/LLM systems

Interact with security tools

Interact with code search platforms

Interact with debuggers

Interact with fuzzers

Interact with static analysis frameworks

Interact with reverse engineering environments

Evaluate where AI agents accelerate research

Validate AI-generated output

Skeptically evaluate AI output

How You'll Work.

Team & Collaboration

Collaborate with researchers; Collaborate with exploit developers; Collaborate with reverse engineers; Collaborate with AI engineers

Communication Scope

Technical documentation

Full Job Description

DESCRIPTION We are seeking an Offensive Security Researcher with a focus on modern web browsers and a strong interest in applying agentic AI workflows to vulnerability research. The role involves identifying, analyzing, and exploiting vulnerabilities in browser engines and related components, while helping design and integrate AI-assisted workflows that make advanced security research more effective. This includes using AI agents, LLM-based tooling, and automated analysis pipelines to support code exploration, patch diffing, crash triage, root-cause analysis, fuzzing workflows, variant discovery, and exploit development. This is not a prompt engineering role. We are looking for someone with real vulnerability research depth who wants to explore how agentic AI can augment expert researchers working on complex, high-value targets. RESPONSIBILITIES - Discover and analyze vulnerabilities in JavaScript engines, rendering pipelines, IPC mechanisms, browser sandboxes, and related components. - Reverse engineer browser internals, including JIT compilers, garbage collectors, memory management subsystems, object models, and browser security boundaries. - Develop proof-of-concept exploits and produce clear, rigorous technical documentation. - Track modern browser security mitigations and assess their effectiveness against real-world exploitation techniques. - Use fuzzing, crash analysis, patch diffing, source-code auditing, and variant analysis to identify high-value vulnerability classes. - Contribute to the design and integration of agentic AI workflows for vulnerability research, including AI-assisted code review, crash triage, root-cause analysis, patch analysis, and tool orchestration. - Work with AI/LLM-enabled systems that interact with security tools, code search platforms, debuggers, fuzzers, static analysis frameworks, and reverse engineering environments. - Evaluate where AI agents can meaningfully accelerate vulnerability research, and where human expertise, valida

Free ATS check

Applying for this Offensive Security Researcher — Browser Vulnerability Research & Agentic AI role?

Most applicants get filtered before a human reads their resume. See if yours makes the cut.

Should you apply? AI reads your resume vs this job — match score, gaps to address, ATS keywords.

SKILL SIGNAL 42 detected · ranked by frequency

Exploit development ×6

Low-level programming ×3

Fuzzing workflows ×3

Variant discovery ×3

Crash triage ×3

Root-cause analysis ×3

Patch diffing ×3

Source-code auditing ×3

Memory corruption ×3

Exploitation techniques ×3

Browser vulnerability research ×2

Agentic AI workflows ×2

Vulnerability analysis ×2

C/C++

Python

JavaScript

TypeScript

SpiderMonkey

JavaScriptCore

Blink

WebKit

Gecko

Chromium internals

AI agents

LLM-based tooling

Vulnerability research

Reverse engineering

Code review

Patch analysis

Tool orchestration

Automated analysis

Role Details

Seniority Senior

Work Mode Remote

Type FULL TIME

Category software

Salary Band 200k+

AI-Extracted Insights

Domain Areas

browser-internalsjit-compilersgarbage-collectorsmemory-managementobject-modelsbrowser-security-boundariesbrowser-security-modelssandboxing-technologies

How to Apply on Ashby

Ashby is a fast modern ATS — most applications take under 3 minutes.
The resume parser is strong; verify parsed experience dates and job titles.
Custom screening questions are often scored algorithmically — answer completely.
Location field affects geo-based screening; use your actual metro area.

ANONYMOUS · UNFILTERED

What do employees actually say about this company?

Real rants from real employees. Read before you apply.

Read Company Rants →