Application Security Researcher
Application Security Researcher
- Research
- Ramat Gan
- Full-time
Description
About the Position
Ox Security secures the AI-driven SDLC from prompt to production. We eliminate critical, real-time risks from AI code generation through cloud runtime by doing what conventional tools can’t: unifying development and cloud context to stop vulnerabilities right at the source. At OX, we’re building the future of cyber security for the AI era. If you’re looking to work on disruptive technology with an amazing team, you belong here.
We’re looking for a highly skilled Application Security Researcher to join our Security Research group and help us push the boundaries of modern AppSec. This is a critical, hands-on role where you’ll work closely with engineers, researchers, and AI & data scientists to build the next generation of application security - including autonomous, agentic pentesting capabilities.
This is not a typical AppSec role. You’ll be building, breaking, and redefining how offensive security works at scale.
Responsibilities
What You’ll Be Doing
- Design and build detection engines and decision-making logic for autonomous security systems
- Develop new classes of automated attacks leveraging deep application and infrastructure context
- Conduct advanced research on chaining vulnerabilities, logic flaws, and complex attack paths
- Prototype, build, and ship security capabilities into production environments
- Collaborate with Product, Engineering, and Data teams to shape next-gen security features
- Analyze large-scale data to identify attack opportunities and improve detection accuracy
- Actively contribute to research direction, ideation, and innovation within the team
Requirements
What We’re Looking For
- 5+ years of experience Application/Infrastructure Penetration Testing
- Strong knowledge of common vulnerabilities (OWASP Top 10, etc.) and remediation techniques
- Experience with code-level analysis and modern development stacks
- Strong programming skills and hands-on technical capabilities
- Deep understanding of how systems break and how to exploit them
- Ability to communicate complex technical concepts clearly
- Team player who thrives in fast-paced, high-impact environments
- Familiarity with DevSecOps practices or security automation tools
The DNA We’re Looking For
- Builder–Breaker mindset: You don’t just find vulnerabilities - you build tools and systems to find them at scale
- Offensive instincts: Strong background in AppSec, Red Teaming, or advanced pentesting
- Systems thinker: You understand security as interconnected systems, not isolated issues
- Curious and fearless: You’re excited about working on cutting-edge problems in AI and security
- Ownership-driven: You thrive in environments with ambiguity and take initiative to define the path forward
Bonus Points For
- Experience with bug bounty programs or red teaming
- Strong software engineering background
- Hands-on experience with LLMs, autonomous agents, or security automation
- Passion for building secure products and empowering developers