Job Details

About DepthFirst AI

We believe that software is the foundation of modern civilization - yet vulnerabilities threaten its integrity, security, and resilience. We are on a mission to solve security.

DepthFirst is building intelligence to detect and remediate critical software vulnerabilities. We are training and scaling security AI agents to discover zero-days vulnerabilities, from large customer codebases to popular open source software.

Our founding team includes expertise in security and LLMs (with technical leaders from DeepMind, Databricks, Square, and Faire). We are looking for strong technical people who are interested in working at the intersection of AI, Security and Infrastructure.

About this role:

We're seeking an experienced Security Researcher to join our effort in building and training AI agents for vulnerability discovery and exploitation.

We are building a technology capable of finding the next Log4J at scale, finding and remediating vulnerabilities in customer and open source codebases.

We are looking for strong security researchers with strong intuition to identify, analyze, and investigate application vulnerabilities. You'll collaborate with AI researchers and engineers to uncover novel attack vectors and contribute to the development of advanced detection and defense capabilities. Your work will play a crucial role in building a product that aims to redefine how companies do security.

You're excited about this role because you will…

• Build a technology capable of finding novel vulnerabilities at scale both in open source and proprietary codebases
• Develop techniques to reduce false positives leveraging automated exploitation, proof of concept generation and context inference
• Work closely with engineers to understand limitations and design new methodologies to improve our system
• Publish internal technical reports and contribute to security advisories as needed.
• Work on a Product that Solves a Critical Problem - and we already have a handful of customers who have found it valuable in fixing some eye-opening vulnerabilities within the first few days of using our product.

Qualifications

• 3+ years of full-time experience in security research, offensive security, or related fields.
• Experience with finding vulnerabilities in source code
• Experience creating PoC exploits for vulnerabilities
• Programming experience in Python
• A bachelor's degree in Computer Science/Software Engineering or equivalent industry experience
• A love for technology, and an insatiable curiosity for new tools to tackle real problems
• Capable of solving complex problems with simple solutions. Building reliable and scalable products, making right trade-offs along the way
• A tendency to leave things in a better way than you found it

What We Offer

• Competitive Salary with generous equity
• Health and Dental Insurance
• Office lunch (when working from our San Francisco office)