Security Researcher/Developer

Get to Know Us

Horizon3.ai is an innovative, rapidly growing cybersecurity company on a mission to help organizations proactively identify, fix, and verify exploitable vulnerabilities before they can be leveraged by cybercriminals. Our flagship product, NodeZero™, delivers autonomous pentests and security assessments that scale across complex environments, including internal, external, cloud, and hybrid cloud infrastructures. From small educational institutions to global enterprises, our platform is trusted by a wide range of organizations—IT and SecOps teams, MSSPs, MSPs, and consulting pentesters.

Our team blends former U.S. Special Operations cyber operators, startup engineers, and seasoned cybersecurity professionals. Together, we’re tackling the industry's toughest challenges: ineffective tools, false positives, alert fatigue, skills shortages, and the high costs and long timelines associated with traditional consulting. We are a culture of learn-it-alls—focused on collaboration, respect, ownership, and delivering results.

As a fully remote company, we prioritize flexibility and require a minimum 25Mbps broadband connection.

The Opportunity

We are looking for a Security Researcher / Developer to join our New Products Team (NPT). The NPT is a dynamic, cross-functional team responsible for developing innovative 0-to-1 products by extending the power of the NodeZero platform. As part of the team, you’ll play a key role in rapidly prototyping and building cutting-edge security products that address real-world cybersecurity challenges.

This role is perfect for someone who thrives in an agile, fast-paced environment and is passionate about creating high-quality solutions that impact the cybersecurity landscape.

What You’ll Do

The Security Researcher / Developer is responsible for leveraging their domain expertise in building new security products. You will be collaborating with product managers and designers to identify new product opportunities, and working with product engineers to quickly prototype and deliver MVPs. You will be involved in tasks ranging from product research to full-stack development of new capabilities. By building products such as Tripwires and Insights, you will contribute to deepening our customer’s engagement with our platform, and deliver novel solutions to improve their security posture.

What You’ll Bring

• Software Engineering: Strong understanding of secure software development practices, including experience with version control systems like Git and effective team workflows.

• Problem-Solving: Strong analytical skills with an aptitude for solving complex technical problems.

• Self-Motivation: The ability to work independently with minimal supervision, demonstrating initiative and a high level of energy.

• Collaboration: Work closely with other cross-functional partners to build and improve our new products portfolio

• Communication: Strong technical writing and documentation skills, with the ability to convey findings and methodologies to both technical and non-technical stakeholders.

• Technical Design: Proficiency in designing, presenting, and evaluating technical solutions, ensuring high-quality software and secure development practices.

• Adaptability: Ability to independently learn and adapt to new technologies, tools, and methodologies.

Required Qualifications

• Proficiency in Python: Expert-level proficiency in large-scale Python software development.

• Windows Experience: Proficiency with Powershell, Active Directory, WMI and Azure

• Vulnerability Exploitation: In-depth knowledge of common Remote Code Execution (RCE) techniques such as SQL injection, path traversal, and buffer overflow exploits.

• Network Protocols: Strong understanding of network protocols and their intricacies, including their role in exploitation vectors.

• Database Experience: Experience with relational (Postgres) or graph (Neo4j) database systems.

• Minimum of 4 years of experience in building security solutions, ideally in endpoint, threat detection, or low-level systems.

• Bachelor's Degree in Computer Science, Computer Engineering or related field.

• Equivalent experience may be considered if demonstrable through proof-of-concept write-ups, published vulnerability research, or similar achievements.

Preferred Qualifications

• OSCP (Offensive Security Certified Professional), GCWN (GIAC Certified Windows Security Administrator) or equivalent certifications.

• Experience with additional programming languages, including C#, Rust, C, C++, or Assembly.

• Previous experience in Vulnerability Research, Exploit Development, Deception Technologies or other deeply technical roles with relevant skill sets.

• Previous experience working on large-scale software projects.

• Knowledge of and experience with Docker and containerization technologies.

Travel Required:

We are a fully remote company, and this job may require up to 5% of travel to be successful.

Compensation and Values:

At Horizon3, we believe that our people are our greatest asset, and our compensation philosophy reflects this core value. We are committed to fostering an environment where all employees feel valued, respected, and rewarded for their contributions. Our compensation structure is designed to be fair, competitive, and transparent, ensuring that every team member is recognized and compensated equitably across roles, levels, and locations.

In accordance with various State’s transparency regulations, we provide the following salary range information for this position:

• Base salary range: $175,000 - $225,000 annually. The exact salary will be determined based on the selected candidate’s location, qualifications, experience, and relevant skills.

• Additional compensation: This role may also be eligible for an equity package (in the form of stock options). If any other compensation benefits apply, they will be discussed during the interview process.
  

Perks of Horizon3.ai:

• Inclusive Team: We value diversity and promote an inclusive culture where everyone can thrive.

• Growth Opportunities: Be part of a dynamic and growing team with numerous career development opportunities.

• Innovative Culture: Work in a collaborative environment that encourages creativity and out-of-the-box thinking.

• Remote Work: We are a 100% remote company. Enjoy the flexibility to work in the way that supports you and brings out your best.

• Competitive Compensation: We offer competitive salary and benefits which includes health, vision & dental care for you and your family, a flexible vacation policy, and generous parental leave.
  

You Belong Here:

Horizon3 is not just an equal opportunity employer - we are a community that values diversity, equity, and inclusion as fundamental principles of our culture and success. We are dedicated to fostering a workplace where everyone feels welcome and respected, regardless of race, color, religion, sex, national origin, age, disability, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, hair length or any other legally protected status by law.

Our commitment to diversity and inclusion means we strive to attract, develop, and retain a workforce that reflects the varied communities we serve. We believe that diverse perspectives drive innovation and strengthen our ability to create cutting-edge cybersecurity solutions. At Horizon3, every team member is valued and supported in an environment that encourages personal and professional growth.

We welcome candidates from all backgrounds and experiences, and we encourage all qualified individuals to apply. Come be a part of Horizon3, where your unique contributions are recognized, and your potential is limitless.

Other Duties:

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Duties, responsibilities, and activities may change at any time with or without notice.

Application Note:

In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information.