Security Researcher

We’re looking for a Security Researcher who is passionate about uncovering, analyzing, and preventing vulnerabilities in modern software. This role sits at the intersection of AI, security research, and developer tooling. You’ll help shape how Corgea detects new classes of vulnerabilities and automate secure code analysis at scale. This is a remote position based in the US (preferably in California or the San Francisco Bay Area).

• Research and design detection methods for emerging vulnerability classes across multiple languages and frameworks.
• Analyze source code, binaries, and AI-generated code to identify new exploit patterns and attack surfaces.
• Collaborate with our engineering team to integrate your research into Corgea’s AI-driven security engine.
• Conduct security evaluations of open-source and enterprise applications to validate and refine Corgea’s models.
• Stay current on the latest CVEs, exploit techniques, and security trends to inform product intelligence.

• 4–8 years of experience in application security, offensive research, or secure software development.
• Strong understanding of vulnerability classes (e.g., injection, deserialization, path traversal, auth bypass, XXE, SSRF, RCE).
• Proficiency in one or more languages such as Python, Java, JavaScript/TypeScript, Go, or C/C++.
• Experience with static or dynamic analysis tools, fuzzing, or reverse engineering is a plus.
• Curiosity about how attackers think—and how AI can help defenders move faster.
• Comfortable working autonomously in a fast-paced, research-driven startup.

• Competitive salary and equity package (0.50 % – 2.00 %).
• Work on cutting-edge problems at the frontier of AI and cybersecurity.
• Collaborate directly with leading engineers, researchers, and security experts.
• Flexible hybrid schedule aligned with San Francisco time.

At Corgea, we’re committed to diversity and inclusion. We assess all applicants based on merit, qualifications, competence, and talent—without discrimination of any kind.