
Security Researcher

Hunt for real-world vulnerabilities in open-source and customer codebases, validate AI-generated findings, and shape the detection engine that powers ZeroPath.

About the Role

ZeroPath has already disclosed vulnerabilities in curl (150+ bugs fixed), FFmpeg, django-allauth, OpenSSL, and Avahi. You will expand that list. This role sits at the intersection of manual security research and AI-augmented discovery. You will audit codebases, validate and triage findings from our LLM-powered scanner, and feed your expertise back into the detection engine. Your work directly improves what the AI catches next time.

What You'll Do

  • Conduct security research on open-source projects and customer codebases across multiple languages
  • Validate and triage AI-generated vulnerability findings to calibrate false positive rates
  • Write detailed vulnerability reports and coordinate responsible disclosure and CVE assignment
  • Define and refine detection rules, heuristics, and prompt strategies for the scanning engine
  • Collaborate with the engineering team to improve detection of business logic and auth flaws
  • Contribute to ZeroPath's public research blog and Wall of Fame

What We're Looking For

  • 3+ years of experience in application security research, penetration testing, or red teaming
  • Demonstrated ability to find and responsibly disclose vulnerabilities (CVEs, bug bounties, or published research)
  • Strong understanding of common vulnerability classes: OWASP Top 10, business logic flaws, auth bypasses, injection chains
  • Proficiency in reading and analyzing code across Python, JavaScript/TypeScript, Go, Java, or C/C++
  • Experience with static analysis concepts, code review, and source code auditing
  • Excellent written communication for vulnerability reports and research write-ups

Nice to Have

  • Published CVEs or a meaningful bug bounty track record
  • Experience with tree-sitter, semgrep, CodeQL, or similar code analysis tooling, e.g. for benchmarking the scanner against them
  • Familiarity with LLM-powered security tools or AI-augmented research workflows
  • Contributions to open-source security projects

Interested?

Send us your resume and tell us why you're excited about this role. We read every application.
