Offensive Security Engineer

Description At Staris AI we believe human-based cyber defense is dead and the dream of security automation is finally within reach. Staris AI is a Series A ventured-backed firm that is reinventing application security with its innovative AI-powered penetration testing that continuously validates and remediates real attack paths in running applications. The Staris Total Context Security platform proves exploitable vulnerabilities in hours, not weeks, with zero false positives and 40:1 efficiency gains over traditional methods.

We're on a mission to transform the indefensible into the impenetrable, advancing applications into a new era of security.

What You'll Do As an Offensive Security Engineer at Staris AI, you'll be at the vanguard of the application security profession. This role goes beyond conventional application security and penetration testing; you'll be instrumental in advancing the field of automated software attack and simulation with your expertise in threat simulation and attack automation.

What You Bring - Minimum of 5 years of experience in application security assessment, source code auditing, bug hunting or similar areas

- Knowledge of offensive application security fundamentals

- Knowledge of relevant open-source technologies for attack automation (e.g. Tools, Libraries, Frameworks, etc.)

- Experience working with relevant software assessment technologies (e.g. SAST, DAST, Fuzzing, etc.).

- Prior emphasis on distributed systems and micro-service architectures

- Familiarity with prompt engineering, generative AI models, and their APIs

- Bachelor's degree in a related field (e.g. Computer Science, Information Technology, Cybersecurity, etc.)

- Strong English language communication skills

Why Staris - Backed by a founding team with deep pedigree, including alumni of Amazon, Accenture, and Palo Alto Networks, who have solved this problem operationally before.

- A genuine category-defining product. Most AppSec tools create noise while Staris eliminates it with AI-driven proof of exploitability and automated, code-level remediation.

- Supporting a massive, underserved market. Enterprises invest heavily in AppSec but deeply test only a fraction of their software portfolio.

- Competitive base, meaningful equity, full benefits, and a remote-first culture.

Staris AI is a Series A ventured-backed firm that is reinventing application security with its innovative AI-powered penetration testing that continuously validates and remediates real attack paths in running applications. Our Total Context Security platform proves exploitable vulnerabilities in hours, not weeks, with zero false positives and 40:1 efficiency gains over traditional methods. We're on a mission to transform the indefensible into the impenetrable, advancing applications into a new era of security.