Offensive Security Researcher — Browser Vulnerability Research & Agentic AI
Description We are seeking an Offensive Security Researcher with a focus on modern web browsers and a strong interest in applying agentic AI workflows to vulnerability research. The role involves identifying, analyzing, and exploiting vulnerabilities in browser engines and related components, while helping design and integrate AI-assisted workflows that make advanced security research more effective. This includes using AI agents, LLM-based tooling, and automated analysis pipelines to support code exploration, patch diffing, crash triage, root-cause analysis, fuzzing workflows, variant discovery, and exploit development. This is not a prompt engineering role. We are looking for someone with real vulnerability research depth who wants to explore how agentic AI can augment expert researchers working on complex, high-value targets.
Responsibilities
Discover and analyze vulnerabilities in JavaScript engines, rendering pipelines, IPC mechanisms, browser sandboxes, and related components. Reverse engineer browser internals, including JIT compilers, garbage collectors, memory management subsystems, object models, and browser security boundaries. Develop proof-of-concept exploits and produce clear, rigorous technical documentation. Track modern browser security mitigations and assess their effectiveness against real-world exploitation techniques. Use fuzzing, crash analysis, patch diffing, source-code auditing, and variant analysis to identify high-value vulnerability classes. Contribute to the design and integration of agentic AI workflows for vulnerability research, including AI-assisted code review, crash triage, root-cause analysis, patch analysis, and tool orchestration. Work with AI/LLM-enabled systems that interact with security tools, code search platforms, debuggers, fuzzers, static analysis frameworks, and reverse engineering environments. Evaluate where AI agents can meaningfully accelerate vulnerability research, and where human expertise, validation, and skepticism remain essential. Collaborate with vulnerability researchers, exploit developers, reverse engineers, and AI-focused engineers on high-impact offensive security projects.
Requirements
Strong expertise in C/C++ and low-level programming. Experience in reverse engineering, fuzzing, vulnerability discovery, and exploit development. Knowledge of modern browser architectures and JavaScript engines such as V8, SpiderMonkey, JavaScriptCore, Blink, WebKit, Gecko, or Chromium internals. Familiarity with browser security models, sandboxing technologies, IPC mechanisms, memory corruption primitives, and modern exploitation mitigations. Ability to analyze large and complex codebases independently. Experience with debugging and reverse engineering tools such as LLDB, GDB, WinDbg, rr, IDA Pro, Ghidra, Binary Ninja, sanitizers, or browser-specific debugging infrastructure. Strong scripting and automation skills, preferably in Python, JavaScript, TypeScript, or similar languages. Interest in AI-assisted vulnerability research, agentic workflows, LLM tool use, automated code analysis, or AI-assisted fuzzing and triage. Ability to critically evaluate AI-generated output and separate useful research signals from hallucinations, noise, and false positives. Proven track record in vulnerability research, CVEs, exploit development, bug bounty research, Pwn2Own-style research, or equivalent private research is highly valued.
Nice to Have
Experience discovering or exploiting vulnerabilities in real browser targets. Deep knowledge of one or more browser subsystems, such as JIT compilers, garbage collectors, DOM, WASM, graphics, media, networking, IPC, or sandboxing. Experience with coverage-guided fuzzing, custom harness development, corpus management, crash deduplication, or large-scale fuzzing infrastructure. Experience with patch diffing, variant analysis, exploit reliability, or mitigation bypass research. Experience integrating LLMs or AI agents with tools such as CodeQL, Semgrep, Ghidra, IDA, debuggers, fuzzers, source-code indexes, or custom static/dynamic analysis systems. Experience working with local or restricted AI deployments, open-weight models, RAG systems, or secure environments where sensitive code and research artifacts cannot be sent to external services. Interest in building internal tooling that makes expert vulnerability researchers faster, more systematic, and more effective. Apply To This Job