Security Researcher
Company: DepthFirst
Location: San Francisco
Posted on: April 1, 2026
|
|
|
Job Description:
About depthfirst We believe that software is the foundation of
modern civilization - yet vulnerabilities threaten its integrity,
security, and resilience. We are on a mission to solve security.
depthFirst is building intelligence to detect and remediate
critical software vulnerabilities. We are training and scaling
security AI agents to discover zero-days vulnerabilities across
large customer codebases and popular open source software. Our
founding team includes deep expertise in data, infrastructure,
security and LLMs with technical leaders from DeepMind, Databricks,
Square, and Faire. We are looking for strong technical people who
are interested in working at the intersection of AI, Security, and
Infrastructure. About this role We’re seeking an experienced
Security Researcher to join our effort in building and training AI
agents for vulnerability discovery and exploitation. We are
building a technology capable of finding the next Log4J at scale,
finding and remediating vulnerabilities in customer and open source
codebases. We are looking for strong security researchers with
strong intuition to identify, analyze, and investigate application
vulnerabilities. You’ll collaborate with AI researchers and
engineers to uncover novel attack vectors and contribute to the
development of advanced detection and defense capabilities. Your
work will play a crucial role in building a product that aims to
redefine how companies do security. You’re excited about this role
because you will… Build a technology capable of finding novel
vulnerabilities at scale both in open source and proprietary
codebases Develop techniques to reduce false positives leveraging
automated exploitation, proof of concept generation and context
inference Work closely with engineers to understand limitations and
design new methodologies to improve our system Publish internal
technical reports and contribute to security advisories as needed.
Work on a Product that Solves a Critical Problem - and we already
have a handful of customers who have found it valuable in fixing
some eye-opening vulnerabilities within the first few days of using
our product. Qualifications 3 years of full-time experience in
security research, offensive security, or related fields.
Experience with finding vulnerabilities in source code Experience
creating PoC exploits for vulnerabilities Programming experience in
Python A bachelor's degree in Computer Science/Software Engineering
or equivalent industry experience A love for technology, and an
insatiable curiosity for new tools to tackle real problems Capable
of solving complex problems with simple solutions. Building
reliable and scalable products, making right trade-offs along the
way A tendency to leave things in a better way than you found it
What We Offer Competitive Salary with meaningful equity Health,
Vision, and Dental Insurance Office lunch (when working from our
San Francisco office) depthfirst is an equal opportunity employer
and does not discriminate on the basis of race, gender, sexual
orientation, gender identity/expression, national origin,
disability, age, genetic information, veteran status, marital
status, pregnancy or related condition, or any other basis
protected by law. To all recruitment agencies: depthfirst does not
accept agency resumes. Please do not forward resumes to depthfirst
employees. depthfirst is not responsible for any fees related to
unsolicited resumes and will not pay fees to any third-party agency
or company that does not have a signed agreement with the
Company.
Keywords: DepthFirst, Rancho Cordova , Security Researcher, IT / Software / Systems , San Francisco, California
