What are the responsibilities and job description for the Application Security Researcher (US) position at Tenzai?
About Tenzai
Tenzai is building autonomous AI hackers that think like the world's best offensive security experts, act like them, and then help fix what they find before the real ones do. If this mission speaks to you, come defend the world's software: autonomously, continuously, and in-depth.
About The Role
This is a rare opportunity to work at the intersection of offensive security and AI - and to have your expertise shape a platform used at enterprise scale. You’ll perform attacks on customer applications, help the AI agent get smarter, and work alongside a tight-knit team building something genuinely new in the security space. Work closely with AI and engineering teams to continuously improve agent capabilities.
Responsibilites
Tenzai is building autonomous AI hackers that think like the world's best offensive security experts, act like them, and then help fix what they find before the real ones do. If this mission speaks to you, come defend the world's software: autonomously, continuously, and in-depth.
About The Role
This is a rare opportunity to work at the intersection of offensive security and AI - and to have your expertise shape a platform used at enterprise scale. You’ll perform attacks on customer applications, help the AI agent get smarter, and work alongside a tight-knit team building something genuinely new in the security space. Work closely with AI and engineering teams to continuously improve agent capabilities.
Responsibilites
- Harness Tenzai’s AI agent on customer applications, analyze the results, and validate vulnerabilities with clear exploitation evidence.
- Present findings and exploitation evidence clearly and transparently to customers and internal teams
- Analyze where the system needs to improve, investigate cases where the AI missed, misclassified, or hallucinated vulnerabilities.
- Develop new attack strategies and offensive testing techniques for web and API targets, and translate real-world knowledge into improvements for the AI agent.
- Deep expertise in Web and API security, including authentication, business logic, and injection flaws
- 3 years of hands-on experience in Penetration Testing, Application Security, Bug Bounty, or Red Team operations
- Ability to articulate complex vulnerabilities clearly, both in writing and verbally.
- Experience in writing code to develop tooling for penetration tests
- Comfortable working in a fast-paced startup environment with a high degree of ownership
- Working on problems that matter - Software is now written and deployed faster than it can be secured. Attackers are beginning to use AI to find vulnerabilities at scale. Tenzai exists to close that gap. It's a mission that requires elite hackers, and also sharp storytellers, wicked-smart operators, and experienced market builders.
- Building a category in the making - Tenzai is defining a new category in cybersecurity. That means every team — from research and engineering to product, brand, and go-to-market — has a chance to shape how the industry understands and adopts autonomous security. If you thrive building something from zero and helping a new idea take hold in the world, keep reading.
- Talent density - We believe small teams of exceptional people outperform large organizations. Tenzai was founded by veteran security experts and repeat entrepreneurs. We hire deliberately and value curiosity, initiative, and craftsmanship, whatever your discipline.
- Creating real impact, quickly - Whether you're building systems, shaping product experiences, telling the story, or helping customers succeed, your work will immediately influence how organizations secure their software. We move quickly, keep teams lean, and give humans ownership.
- Ambition with humility - We're tackling hard problems with a team that values deep expertise and thoughtful collaboration. Everyone here is learning, experimenting, and pushing the boundaries of what's possible. Plus, we love eating lunch together.