XBOW

Own product strategy and development for professional offensive security tools, reduce false positives, expand vulnerability coverage, and collaborate with security researchers and product design teams. | Significant product management experience in security or developer productivity, hands-on offensive security experience, deep understanding of vulnerability classes and attack vectors, and strong community connections. | Product Manager: Professional Tools Elevate Offensive Security Practitioners About XBOW Build the future of offensive security with XBOW. Attackers are already using AI to move faster than defenders can react—we’re creating the platform that puts security ahead in the arms race. Our AI-powered system autonomously discovers, validates, and even exploits vulnerabilities, giving organizations proof-backed results in hours instead of weeks. Founded by Oege de Moor, creator of GitHub Copilot, and backed by Sequoia, Altimeter, and other leading investors, XBOW is applying cutting-edge AI to one of the world’s most urgent problems. In just over a year, our AI, built by a world-class AI team and legendary security researchers — has uncovered thousands of real-world zero-days across the software billions rely on, and achieved the #1 ranking on HackerOne’s global leaderboard. We’re a team of builders, hackers, and researchers who thrive on solving problems others think are impossible. If you want to push the boundaries of AI, reshape how security is done, and join the group defining this new era of defense — we’d love to talk. Your Role: Product Manager for Professional Tools As Product Manager for Professional Tools, you'll build products that augment and elevate human security testers. Your focus is on reducing false positives, expanding coverage across complex vulnerability classes, and delivering actionable intelligence that goes beyond traditional scanners. You'll be the voice of offensive security practitioners within XBOW. What you will do Own product strategy for professional security testing tools and workflows Drive expansion into complex vulnerability classes: IDOR, prompt injection, session/auth issues, business logic flaws, DoS attacks Build actionable reporting and intelligence capabilities that provide insights beyond basic vulnerability scanners Define false positive reduction strategies and quality improvement initiatives Create global dashboard and analytics capabilities across applications, assessments, and organizational units Partner with security research community to understand emerging attack vectors and testing methodologies Collaborate with Product Design on workflows for security professionals workflows optimized for security professionals Build integrations with popular security testing tools and frameworks Skills and qualifications Essential: Degree in a technology related field or equivalent experience Significant product management experience, preferably in security or developer productivity, scaling products from startup to $100M Deep technical curiosity about attack vectors, vulnerability research, and security systems Action-oriented execution style with ability to rapidly prototype and iterate on security tools Hands-on experience in offensive security: penetration testing, red teaming, bug bounty, or security research Deep understanding of vulnerability classes, attack vectors, and security testing methodologies Flawless execution of product work through GitHub Issues, Projects, and Pull Requests Strong connections in the security research and practitioner community Experience building tools for technical users with complex workflows Advantageous: Active participation in security research community (bug bounties, CVE discoveries, security conferences) Experience with security automation tools and frameworks Background in security consulting or professional services Understanding of compliance and audit requirements for security testing Experience with threat modeling and risk assessment methodologies What we offer Compensation & Equity: Competitive salary and equity package, making you a true owner of the company. Career Growth: Shape your role, lead the function, and grow with the company as we redefine cybersecurity. Meaningful Work: You will tackle technically complex challenges and play a pivotal role in the growth of our business, working alongside an amazing team and some of the world’s experts to shape how AI transforms cybersecurity. What else you should know Location: Remote (all team members are remote but we meet regularly and you’re supported to travel to collaborate with colleagues in person) Contract: Full-time. Hiring Process: 45-min introductory chat with our Head of Talent, Zac Wallis. 45 minutes with our Head of Product, Aqeel Siddiqui. Take home assessment. Presentation of take home assessment to product team. 30 minutes with our Head of Engineering, Andy Rice. 30-min final meeting with our CEO and founder, Oege de Moor. We aren't focused on seniority titles at XBOW—so if you’re worried about “leveling,” don’t be. We care a lot more about mission fit, capability, and impact than what’s on your LinkedIn headline. We believe in people who are driven by curiosity and a willingness to learn. Even if you don't check every box, we encourage you to apply if you're excited about the role and our mission.

Design and implement scalable infrastructure systems that can be deployed across multiple cloud environments. Optimize cloud services to enhance performance, reliability, and maintainability of core services. | Strong experience in building scalable, distributed systems on cloud infrastructure is essential. Familiarity with infrastructure as code and a proactive approach to disaster recovery are advantageous. | Research Engineer / Software Engineer (Platform Infrastructure) About XBOW Build the future of offensive security with XBOW. Attackers are already using AI to move faster than defenders can react—we’re creating the platform that puts security ahead in the arms race. Our AI-powered system autonomously discovers, validates, and even exploits vulnerabilities, giving organizations proof-backed results in hours instead of weeks. Founded by Oege de Moor, creator of GitHub Copilot, and backed by Sequoia, Altimeter, and other leading investors, XBOW is applying cutting-edge AI to one of the world’s most urgent problems. In just over a year, our AI, built by a world-class AI team and legendary security researchers — has uncovered thousands of real-world zero-days across the software billions rely on, and achieved the #1 ranking on HackerOne’s global leaderboard. We’re a team of builders, hackers, and researchers who thrive on solving problems others think are impossible. If you want to push the boundaries of AI, reshape how security is done, and join the group defining this new era of defense — we’d love to talk. Your Role: Research Engineer (Platform Infrastructure) We’re looking for a Platform Infrastructure Research Engineer who’s passionate about building scalable systems and solving hard problems in ambiguous environments. In this role, you’ll design and implement the complex distributed infrastructure that powers our core AI engine and distributed analysis systems, enabling XBOW to run seamlessly across multiple cloud providers (AWS, Azure, OCI etc.) and contexts (SaaS, on prem). This is a role for someone who sees infrastructure as a product, loves clean abstractions, and knows how to dig into performance issues across layers. You’ll join a high-trust, high-velocity team where your work will have an immediate impact on both developer experience and product performance. If you like being at the intersection of deep tech and real-world impact, you’ll feel right at home. What you will do Design and implement infrastructure systems that scale reliably and securely, and can be deployed across multiple cloud environments (AWS, Azure, OCI etc.) and contexts (SaaS, on prem). Tune and optimize cloud services across compute, storage, networking, and observability to drive performance, reliability and maintainability of core services. Develop our core services, written in TypeScript, Kotlin and Go (and pick them up quickly if you haven’t used them before) to support our unique deployment and infrastructure requirements. Support large-scale systems with event driven architectures. Own problems end-to-end—from design through deployment to production support Navigate ambiguity and help define how we build as much as what we build Partner closely with other engineers, AI researchers and Security researchers to enable high-quality, high-velocity product development Design for resilience by implementing disaster recovery and business continuity strategies that ensure uptime, even when things break Improve how we build, deploy, and monitor services at scale Skills and qualifications Essential: Strong experience building and operating scalable, distributed systems on cloud infrastructure such as AWS or similar. Comfortable working with infrastructure as code (e.g., Terraform, CDK) and see infra as part of the engineering system—not something separate from it. A track record of performance tuning across cloud services, databases, and compute layers Eager to learn new tools, languages, and technologies as needed A thoughtful communicator who values clarity and simplicity and is comfortable working in a fast-paced startup and navigating ambiguity Strong problem-solving skills and the ability to work with incomplete information Curious, practical, and eager to work across layers of the stack when needed You think proactively about failure modes and bring experience implementing disaster recovery and business continuity plans that keep critical systems running. Advantageous: Experience with deploying infrastructure to multiple environments (SaaS, on-prem) and know how to build resilient systems that handle the complexity of such environments. Experience with event-driven architectures, message queues, or async workflows (for example, using Kafka). Familiarity with modern observability practices (logs, metrics, tracing) and how to apply them Experience working in an early stage startup Prior experience building developer tooling or security products Hands-on experience with OpenSearch or Elasticsearch at scale Previous experience building platform teams or working on internal developer platforms What we offer Compensation & Equity: Competitive salary and a generous equity package, making you a true owner of the company. Career Growth: Shape your role, lead the function, and grow with the company as we redefine cybersecurity. Meaningful Work: You will tackle technically complex challenges and play a pivotal role in the growth of our business, working alongside an amazing team and some of the world’s experts to shape how AI transforms cybersecurity. What else you should know Location: Remote (all team members are remote but we meet regularly and you’re supported to travel to collaborate with colleagues in person) Contract: Full-time. Hiring Process: 45-min introductory chat with our Head of Talent, Zac Wallis. 45 minutes with our Head of Engineering, Andy Rice. 2-3 hour technical deep dive around relevant case study. 30-min final meeting with our CEO and founder, Oege de Moor. We aren't focused on seniority titles at XBOW—so if you’re worried about “leveling,” don’t be. We care a lot more about mission fit, capability, and impact than what’s on your LinkedIn headline. We believe in people who are driven by curiosity and a willingness to learn. Even if you don't check every box, we encourage you to apply if you're excited about the role and our mission.

Design and build distributed backend systems that scale reliably and securely. Own problems end-to-end—from design through deployment to production support. | Experience building and operating scalable, distributed systems is essential. Familiarity with AWS or similar cloud platforms and a strong willingness to learn new tools and technologies are also required. | Research Engineer / Software Engineer (backend) About XBOW Build the future of offensive security with XBOW. Attackers are already using AI to move faster than defenders can react—we’re creating the platform that puts security ahead in the arms race. Our AI-powered system autonomously discovers, validates, and even exploits vulnerabilities, giving organizations proof-backed results in hours instead of weeks. Founded by Oege de Moor, creator of GitHub Copilot, and backed by Sequoia, Altimeter, and other leading investors, XBOW is applying cutting-edge AI to one of the world’s most urgent problems. In just over a year, our AI, built by a world-class AI team and legendary security researchers — has uncovered thousands of real-world zero-days across the software billions rely on, and achieved the #1 ranking on HackerOne’s global leaderboard. We’re a team of builders, hackers, and researchers who thrive on solving problems others think are impossible. If you want to push the boundaries of AI, reshape how security is done, and join the group defining this new era of defense — we’d love to talk. Your Role: Research Engineer (backend) We’re looking for a Backend Research Engineer who’s passionate about building scalable systems and solving hard problems in ambiguous environments. In this role, you’ll design and implement the distributed infrastructure that powers our core engine. You’ll work across services written in TypeScript, Kotlin and Go (no worries if you haven’t used these languages—we care more about your fundamentals and your willingness to learn), and deploy everything on AWS. You’ll be joining a small team of superstars that’s shipping quickly and operating with high trust. This is a role for someone who loves to own open-ended problems and figure things out—whether that’s designing fault-tolerant systems, scaling distributed architectures, or debugging hairy production issues. If you like being at the intersection of deep tech and real-world impact, you’ll feel right at home. What you will do Design and build distributed backend systems that scale reliably and securely Work in TypeScript, Kotlin and Go (and pick them up quickly if you haven’t used them before) Deploy and operate services in AWS and other cloud providers. Own problems end-to-end—from design through deployment to production support Navigate ambiguity and help define how we build as much as what we build Collaborate closely with teammates across the stack, including AI researchers, Security researchers and frontend engineers Skills and qualifications Essential: Experience building and operating scalable, distributed systems Comfort working in a fast-moving, early-stage environment Strong problem-solving skills and the ability to work with incomplete information Familiarity with AWS or similar cloud platforms You’re comfortable working with infrastructure as code (e.g., Terraform or CDK) and see infra as part of the engineering system—not something separate from it. Eager to learn new tools, languages, and technologies as needed A thoughtful communicator who values clarity and simplicity Comfort working in a fast-paced, early-stage startup environment Advantageous: Experience with event-driven architectures, message queues, or async workflows Experience designing and optimizing relational databases (we use Postgres), and you know how to structure data for both performance and clarity. Background in systems programming, networking, or performance tuning Experience with hybrid deployments (cloud + on-prem) and know how to build resilient systems that handle the complexity of mixed environments. Experience working in an early stage startup Prior experience building security products or products for technical users What we offer Compensation & Equity: Competitive salary and a generous equity package, making you a true owner of the company. Career Growth: Shape your role, lead the function, and grow with the company as we redefine cybersecurity. Meaningful Work: You will tackle technically complex challenges and play a pivotal role in the growth of our business, working alongside an amazing team and some of the world’s experts to shape how AI transforms cybersecurity. What else you should know Location: Remote (all team members are remote but we meet regularly and you’re supported to travel to collaborate with colleagues in person) Contract: Full-time. Hiring Process: 45-min introductory chat with our Head of Talent, Zac Wallis. 45 minutes with our Head of Engineering, Andy Rice. 2-3 hour technical deep dive around relevant case study. 30-min final meeting with our CEO and founder, Oege de Moor. We aren't focused on seniority titles at XBOW—so if you’re worried about “leveling,” don’t be. We care a lot more about mission fit, capability, and impact than what’s on your LinkedIn headline. We believe in people who are driven by curiosity and a willingness to learn. Even if you don't check every box, we encourage you to apply if you're excited about the role and our mission.

Define and execute product roadmap for AI-driven offensive security features, collaborate with AI/ML and security teams, engage with customers to translate needs into product requirements, and measure product effectiveness. | Significant product management experience in security or developer tools, strong technical background in application security and AI/ML, ability to work cross-functionally, and data-driven product decision skills. | Product Manager: AI & Security Intelligence & Coverage About XBOW Build the future of offensive security with XBOW. Attackers are already using AI to move faster than defenders can react—we’re creating the platform that puts security ahead in the arms race. Our AI-powered system autonomously discovers, validates, and even exploits vulnerabilities, giving organizations proof-backed results in hours instead of weeks. Founded by Oege de Moor, creator of GitHub Copilot, and backed by Sequoia, Altimeter, and other leading investors, XBOW is applying cutting-edge AI to one of the world’s most urgent problems. In just over a year, our AI, built by a world-class AI team and legendary security researchers — has uncovered thousands of real-world zero-days across the software billions rely on, and achieved the #1 ranking on HackerOne’s global leaderboard. We’re a team of builders, hackers, and researchers who thrive on solving problems others think are impossible. If you want to push the boundaries of AI, reshape how security is done, and join the group defining this new era of defense — we’d love to talk. Your Role: Product Manager We’re looking for a Product Manager who can define, prioritize, and deliver the next generation of AI-driven offensive security experiences. This is a highly cross-functional role, working closely with engineers, researchers, and customers to translate insights into a roadmap that makes security testing smarter, faster, and more impactful. You’ll connect deep technical capability with customer needs—shaping a product that scales with enterprise requirements while remaining intuitive and frictionless to use. You’ll thrive here if you love turning complex problems into elegant solutions, have a sharp instinct for understanding what customers value most, and are excited to define what “best-in-class autonomous pentesting” looks like. What you will do Define and execute product roadmap for vulnerability discovery algorithms and coverage optimization Drive prioritization logic that focuses testing on high-value targets: relevant endpoints, code diffs, new releases, multi-role scenarios Own persistent learning systems that carry forward knowledge across scans and applications Collaborate with AI/ML teams to enhance cross-application insights and reduce redundant testing Partner with security research teams to expand coverage of emerging vulnerability classes Define metrics and KPIs for testing effectiveness, coverage quality, and discovery acceleration Work closely with customers to understand their risk priorities and translate into product requirements Skills and qualifications Essential: Degree in a technology related field or equivalent experience Significant product management experience, preferably in security or developer tools, scaling products from startup to $100M Deep technical curiosity - you love understanding how systems work under the hood Action-oriented mindset with bias toward execution and rapid iteration Strong technical background in application security, vulnerability research, or penetration testing Understanding of AI/ML applications in cybersecurity contexts Ability to work with and influence cross-functional teams (Seasoned researchers, engineers across etc.) Ability to translate complex technical concepts into clear product requirements Flawless execution of product work through GitHub Issues, Projects, and Pull Requests Data-driven approach to product decisions with strong analytical skills Advantageous: Hands-on experience with penetration testing or security research Background in AI/ML product development Previous experience at high-growth Security or DevOps companies Understanding of vulnerability management and risk assessment frameworks What we offer Compensation & Equity: Competitive salary and equity package, making you a true owner of the company. Career Growth: Shape your role, lead the function, and grow with the company as we redefine cybersecurity. Meaningful Work: You will tackle technically complex challenges and play a pivotal role in the growth of our business, working alongside an amazing team and some of the world’s experts to shape how AI transforms cybersecurity. What else you should know Location: Remote (all team members are remote but we meet regularly and you’re supported to travel to collaborate with colleagues in person) Contract: Full-time. Hiring Process: 45-min introductory chat with our Head of Talent, Zac Wallis. 45 minutes with our Head of Product, Aqeel Siddiqui. Take home assessment. Presentation of take home assessment to product team. 30 minutes with our Head of Engineering, Andy Rice. 30-min final meeting with our CEO and founder, Oege de Moor. We aren't focused on seniority titles at XBOW—so if you’re worried about “leveling,” don’t be. We care a lot more about mission fit, capability, and impact than what’s on your LinkedIn headline. We believe in people who are driven by curiosity and a willingness to learn. Even if you don't check every box, we encourage you to apply if you're excited about the role and our mission.

Drive enterprise platform strategy and product features for security compliance, integrations, governance, and scalability to support large organizations adopting AI-powered security testing. | Significant product management experience in enterprise security tools, deep understanding of compliance frameworks, technical curiosity about infrastructure and security, and excellent communication skills. | Product Manager: Enterprise Enable Enterprise Governance, Integrations & Scale About XBOW Build the future of offensive security with XBOW. Attackers are already using AI to move faster than defenders can react—we’re creating the platform that puts security ahead in the arms race. Our AI-powered system autonomously discovers, validates, and even exploits vulnerabilities, giving organizations proof-backed results in hours instead of weeks. Founded by Oege de Moor, creator of GitHub Copilot, and backed by Sequoia, Altimeter, and other leading investors, XBOW is applying cutting-edge AI to one of the world’s most urgent problems. In just over a year, our AI, built by a world-class AI team and legendary security researchers — has uncovered thousands of real-world zero-days across the software billions rely on, and achieved the #1 ranking on HackerOne’s global leaderboard. We’re a team of builders, hackers, and researchers who thrive on solving problems others think are impossible. If you want to push the boundaries of AI, reshape how security is done, and join the group defining this new era of defense — we’d love to talk. Your Role: Product Manager for Enterprise As an Enterprise Platform Product Manager, you'll drive XBOW's enterprise readiness by managing the outcome of platform capabilities that allow large organizations to adopt and scale our AI-powered security testing. You'll own everything from on-premise deployments to enterprise integrations to governance frameworks that enable compliance. What you will do Define enterprise platform strategy including on-premise deployment, data residency, and disaster recovery capabilities Own integration roadmap for dev/security ecosystems: repositories, ticketing systems, secret vaults, monitoring tools, compliance pipelines Build product features that enable compliance frameworks and work closely with IT/SecOps teams on implementation Design org-level policy frameworks and enforcement mechanisms within the platform Define audit trails, operational transparency, and governance reporting product capabilities Partner with sales and customer success to understand enterprise requirements and competitive positioning Work with IT/SecOps teams to ensure platform features support regulatory and compliance requirements Collaborate with infrastructure teams on scalability, reliability, and performance Drive enterprise deployment models and architecture decisions Skills and qualifications Essential: Degree in a technology related field or equivalent experience Significant product management experience, preferably in enterprise security tools, scaling products from startup to $100M Ability to work with and influence cross-functional teams (eg. Engineering, Security, AI, Product Design, GTM etc.) Ability to articulate clear goal and strategy to technical and non-technical audience Excellent communication skill Passion for intuitive product design Deep understanding of enterprise security requirements and how products enable compliance frameworks (SOC2, FedRAMP, ISO27001) Deep technical curiosity about infrastructure, security, and distributed systems Experience with enterprise integrations, SSO, directory services, and identity management Flawless execution of product work through GitHub Issues, Projects, and Pull Requests Understanding of security toolchain integrations and DevSecOps workflows Advantageous: Previous experience at enterprise security companies (Crowdstrike, Okta, Splunk, etc.) Experience working with compliance, risk management, or security operations teams Experience with container orchestration, cloud infrastructure, and hybrid deployments Understanding of procurement processes and enterprise sales cycles What we offer Compensation & Equity: Competitive salary and equity package, making you a true owner of the company. Career Growth: Shape your role, lead the function, and grow with the company as we redefine cybersecurity. Meaningful Work: You will tackle technically complex challenges and play a pivotal role in the growth of our business, working alongside an amazing team and some of the world’s experts to shape how AI transforms cybersecurity. What else you should know Location: US-Eastern Remote, Europe Remote (all team members are remote but we meet regularly and you’re supported to travel to collaborate with colleagues in person) Contract: Full-time. Hiring Process: 45-min introductory chat with our Head of Talent, Zac Wallis. 45 minutes with our Head of Product, Aqeel Siddiqui. Take home assessment. Presentation of take home assessment to product team. 30 minutes with our Head of Engineering, Andy Rice. 30-min final meeting with our CEO and founder, Oege de Moor. We aren't focused on seniority titles at XBOW—so if you’re worried about “leveling,” don’t be. We care a lot more about mission fit, capability, and impact than what’s on your LinkedIn headline. We believe in people who are driven by curiosity and a willingness to learn. Even if you don't check every box, we encourage you to apply if you're excited about the role and our mission.