Pentester - Remote Offensive Security Role

About the Role

We are looking for a talented Pentester remote to join our innovative team at Xbow. In this role, you will be at the forefront of offensive security, working with cutting-edge AI technology to identify and exploit vulnerabilities in software systems. As a Pentester, you will help validate, triage, and refine the output of our AI-powered offensive engine, ensuring that we provide our clients with the highest quality security assessments.

What You'll Do

• Triage output from our AI offensive engine, validating real vulnerabilities and separating signal from noise.
• Conduct vulnerability analysis of false positives to identify root causes and improve detection logic.
• Collaborate with Product, R&D, and AI teams to provide structured feedback on exploit quality and system behavior.
• Analyze discovered vulnerabilities in depth and support AI-driven reporting.
• Assist customers in understanding findings, reproducing issues, and validating impacts.
• Develop repeatable methodologies for evaluating exploit chains and proof-of-concept behavior.
• Own investigations end-to-end, from initial triage to deep-dive analysis and final recommendations.
• Continuously research new vulnerability classes and exploitation techniques to help evolve the platform.

Requirements

• Deep hands-on penetration testing experience, primarily in application, web, and cloud environments.
• Experience validating and reproducing vulnerabilities, including crafting PoCs and assessing exploitability.
• Strong ability to distinguish real issues from false positives, with a methodical and evidence-driven mindset.
• Experience with common offensive tooling (Burp, Nmap, Metasploit, Ghidra, IDA, custom scripts, etc.).
• Strong written communication skills to articulate technical findings clearly to engineers and customers.
• Comfort working in fast-moving, ambiguous environments where problems are not fully defined.
• Curiosity, adaptability, and a willingness to dive deep and learn continuously.

Nice to Have

• Prior experience collaborating closely with software engineering, research, or product teams.
• Background in exploit development, fuzzing, or vulnerability research.
• Experience with large-scale systems, cloud environments, or CI/CD security.
• Experience contributing to or building offensive security tooling.
• Prior work in an early-stage startup or a high-velocity research environment.
• Experience in customer-facing technical roles and/or consulting.

What We Offer

• Competitive salary and a generous equity package, making you a true owner of the company.
• Shape your role, influence product direction, and grow with the company as we redefine cybersecurity.
• You will work on some of the most technically challenging problems in security and help define how AI transforms offensive security.
• All team members are remote, with regular meetings and support for travel to collaborate with colleagues in person.
• Full-time contract with a clear hiring process focused on mission fit and capability.