Build the future of offensive security with XBOW. Attackers are already using AI to move faster than defenders can react—we’re creating the platform that puts security ahead in the arms race. Our AI-powered system autonomously discovers, validates, and even exploits vulnerabilities, giving organizations proof-backed results in hours instead of weeks.
Founded by Oege de Moor, creator of GitHub Copilot, and backed by Sequoia, Altimeter, and other leading investors, XBOW is applying cutting-edge AI to one of the world’s most urgent problems. In just over a year, our AI, built by a world-class AI team and legendary security researchers — has uncovered thousands of real-world zero-days across the software billions rely on, and achieved the #1 ranking on HackerOne’s global leaderboard.
We’re a team of builders, hackers, and researchers who thrive on solving problems others think are impossible. If you want to push the boundaries of AI, reshape how security is done, and join the group defining this new era of defense — we’d love to talk.
Your Role: Pentest Automation Engineer
This role is responsible for designing, running, and maintaining an always-on testing program that applies XBOW across public bug bounty environments and partnered open-source projects.
Day to day, the individual will build and operate fully automated systems that handle everything from reconnaissance and safety validation to target selection, attack execution, and results analysis. They will continuously evaluate which systems to test based on exposure and business impact, integrate new and experimental XBOW capabilities into live workflows, and ensure all activity stays compliant with program rules.
A major focus of the role is developing and maintaining robust automation, internal tooling, and shared dashboards that give visibility into active testing efforts across the company.
Responsibilities
Essential
Skills and Qualifications
- Profession experience with Typescript in automation tooling
- Professional experience with AWS
- Professional expertise in Linux, and CI/CD pipelines (in particular GitHub Actions) and other Infrastructure & DevOps tooling
Advantageous
- Professional experience with Go or Python in automation tooling
- Professional experience with additional cloud providers (GCP, Azure etc.)
- Professional experience with DevOps and IaC technologies such as Kubernetes, Docker, Terraform
What we offer
- Compensation & Equity: Competitive salary and a generous equity package, making you a true owner of the company.
- Career Growth: Shape your role, lead the function, and grow with the company as we redefine cybersecurity.
- Meaningful Work: You will tackle technically complex challenges and play a pivotal role in the growth of our business, working alongside an amazing team and some of the world’s experts to shape how AI transforms cybersecurity.
What else you should know
- Location: Remote (all team members are remote but we meet regularly and you’re supported to travel to collaborate with colleagues in person)
- Contract: Full-time.
We aren't focused on seniority titles at XBOW—so if you’re worried about “leveling,” don’t be. We care a lot more about mission fit, capability, and impact than what’s on your LinkedIn headline.
We believe in people who are driven by curiosity and a willingness to learn. Even if you don't check every box, we encourage you to apply if you're excited about the role and our mission.
