Theori Cyber Security Engineer Remote · Full time Company website
Apply for Cyber Security Engineer

Cyber security engineer responsible for triaging and validating vulnerability reports with world class hackers.

About Theori

Founded in 2016 by Carnegie Mellon University alumni, Theori is a leader in offensive cybersecurity. Our hackers have won DEFCON CTF nine times, and the core engine behind our products was built for DARPA's AI cyber security competition. We're applying that expertise to Xint, an AI-first application security platform spanning Xint Web (autonomous web app penetration testing) and Xint Code (AI-powered code security). Xint has already found hundreds of zero-days in widely used open source projects and is in production with customers like Samsung Electronics, giving security teams hacker-grade testing without hiring an army of pentesters.

Description

We're looking for a hands-on Cyber Security Engineer to sit at the intersection of AI-driven tooling and real-world security research. In this role, you'll own the end-to-end triage and validation lifecycle for vulnerability reports generated by our AI-powered static analysis platform, separating true positives from noise, writing proof-of-concept exploits, and reporting vulnerabilities upstream to the appropriate vendor.


This is a deeply technical role built for someone who thinks like an attacker, thrives in ambiguous environments, and has a track record of finding and exploiting vulnerabilities.


What You'll Do

  • Triage and validate vulnerability reports produced by our AI static analysis tool, verifying severity, exploitability, and business impact
  • Write proof-of-concept exploits for critical vulnerabilities to confirm true positives
  • Analyze false positives to identify patterns and provide structured feedback to engineering
  • Author detailed vulnerability reports that will be submitted to upstream vendors and open source projects


What We're Looking For

  • Experience in a security engineering, vulnerability research, or penetration testing role
  • Demonstrated CTF experience through participation in competitive CTFs (e.g. DEFCON, PlaidCTF) with writeups
  • Hands-on real-world vulnerability research and exploitation experience is preferred
  • Proficiency reading and auditing code across multiple programming languages
  • Prior bug bounty participation is preferred
  • Based in US or Canada
Apply for Cyber Security Engineer