Horizon3.ai
cybersecurity
Webapp Offensive Security Software Engineer
Neural analysis suggests this role is optimal for Mid+ candidates.
“Webapp Offensive Security Software Engineer at Horizon3.ai. Skills: Web application penetration testing, Software development, AI-enhanced security techniques, Offensive security content integration. Design, develop, and integrate web application offensive security content into the NodeZero platform. Design, develop, and integrate novel attack capabilities into the NodeZero platform, including offensive security tooling and AI-enhanced techniques”
What You'll Achieve.
Enabling organizations to proactively find and fix and verify exploitable attack vectors before criminals exploit them; Deliver production-safe autonomous pentests and other key assessment operations that scale across the largest internal, external, cloud, and hybrid cloud environments; Significant impact on how we deliver value to our customers by designing, developing, and integrating web application penetration testing content into the NodeZero platform
Industry & Context.
Analytical and problem-solving skills; Outstanding problem-solving aptitude
Up to 15% of travel may be required; Job-related travel expenses are reviewed and must be approved by your manager
What They're Looking For.
Must Have
Experience conducting full scope web application pentests; Experience with proxy tools like Burp; Experience with browser developer tools; Proficient in object-oriented programming; Proficient in test-driven development; Analytical and problem-solving skills; Experience applying AI-assisted development tools to security research and automation tasks; Skilled in designing, evaluating, and communicating technical solutions across systems, APIs, algorithms, and data structures; Written and verbal communication; Ability to manage multiple priorities; Ability to work independently; Quick to learn and adopt new technologies as needed; History of recognized security research, including documented CVE discoveries and responsible disclosure; Track record of successful bug bounty contributions
Nice to Have
Experience developing software and automation to aid in web application pentesting; Background in large-scale software development projects; Experience fine-tuning language models or implementing retrieval-augmented generation (RAG) for security-focused applications; Experience with AI/LLM tools for building agentic workflows (e.g., LangChain, LangFlow); Experience integrating contextual data using protocols like Model Context Protocol (MCP); OSCP (Offensive Security Certified Professional) Certification
What You'll Do.
- Design, develop, and integrate web application offensive security content into the NodeZero platform
- Design, develop, and integrate novel attack capabilities into the NodeZero platform, including offensive security tooling and AI-enhanced techniques
- Research and implement AI-driven methods for vulnerability detection and workflow automation
- Extend and maintain platform architecture and system design to support new product features
- Monitor production for issues or missed opportunities and create or resolve Jira tickets as needed
- Integrate open-source and in-house tools, ensuring quality through testing and production monitoring
- and resolve bugs in developed content
- Author technical blog posts showcasing new research or attack methodologies
- Mentor junior engineers and contribute to continuous improvement of team processes and standards
- Work with security researchers to understand the technical aspects of reverse engineered exploits and weaponizing these exploits into the product
How You'll Work.
Team & Collaboration
Collaborate cross-functionally to address customer and prospect concerns related to attack content; Mentor junior engineers; Contribute to continuous improvement of team processes and standards; Work with our security researchers; Inclusive Team: We value diversity and promote an inclusive culture where everyone can thrive; Collaborative environment
Communication Scope
Written and verbal communication; Communicating technical solutions; Technical documentation and communication skills; Document findings, methodologies, and recommendations for both technical and non-technical stakeholders; Presenting technical solutions
Process & Methodology
Ability to manage multiple priorities
Full Job Description
Get to Know Us
Horizon3.ai is a fast-growing, remote cybersecurity company dedicated to the mission of enabling organizations to proactively find and fix and verify exploitable attack vectors before criminals exploit them. Our flagship product, the NodeZero™ platform, delivers production-safe autonomous pentests and other key assessment operations that scale across the largest internal, external, cloud, and hybrid cloud environments. NodeZero has been adopted by organizations of all sizes, from small educational institutions to government agencies and Global 100 enterprises. It is used by ITOps/SecOps teams, consulting pentesters, and MSSPs and MSPs.
We are a fusion of former U.S. Special Operations cyber operators, startup engineers, and formerly frustrated cybersecurity practitioners. We're committed to helping solve our common security problems: ineffective security tools, false positives resulting in alert fatigue, blind spots, “checkbox” security culture, cybersecurity skills shortage, and the long lead time and expense of hiring outside consultants. Collectively, we are a team of learn-it-alls, committed to a culture of respect, collaboration, ownership, and results.
Summary
We're looking for an Offensive Security Software Engineer with extensive web application penetration testing experience and a growing interest in AI-enhanced security techniques. You will have a significant impact on how we deliver value to our customers by designing, developing, and integrating web application penetration testing content into the NodeZero platform. This position requires practical expertise in full-scope web application testing, proven software development skills, and enthusiasm for leveraging emerging AI technologies to advance offensive security capabilities.
Essential Functions
- Design, develop, and integrate web application offensive security content into the NodeZero platform
- Design, develop, and integrate novel attack capabilities into the NodeZero platform,
How to Apply on Ashby
- Ashby is a fast modern ATS — most applications take under 3 minutes.
- The resume parser is strong; verify parsed experience dates and job titles.
- Custom screening questions are often scored algorithmically — answer completely.
- Location field affects geo-based screening; use your actual metro area.