AI-fluent Bug Bounty Hacker (founding engineer)

Company DescriptionSQUR is building Europe’s leading fully autonomous pentesting platform, redefining how cybersecurity is delivered.Our mission is to help organizations — especially those with limited security resources — achieve continuous protection without waiting weeks for human testers.By combining AI agents, security expertise, and deterministic exploit automation, SQUR delivers faster, more consistent, and more transparent results than traditional approaches.We’re a lean, fast-moving team in Karlsruhe, Germany, backed by strong partners and focused on making autonomous security a European strength. Role DescriptionWe’re looking for a Founding Offensive Security Researcher to help shape the intelligence and capability of SQUR’s autonomous pentesting agents.This is a full-time role based in Karlsruhe (preferred) or remote within Germany. You will lead the entire pentesting lifecycle — from recon to remediation — and translate human red-team tradecraft into safe, repeatable AI-driven TTPs.You’ll collaborate closely with our AI/ML engineers to teach agents how to exploit and fix vulnerabilities autonomously, set standards for evidence and reproducibility, and design the safety frameworks that keep real-world operations responsible. QualificationsProven record in offensive security — documented bug bounty success, published security research, or senior red-team experience with verifiable public impact.Deep mastery of web and API exploitation, able to break complex targets and turn craft into deterministic, automatable workflows.Strong Python development skills for building custom security tools and automation.Clear technical communicator — your repro steps and remediation guidance are the kind that engineers actually use.Solid understanding of security tooling (Burp Suite, ZAP, Nmap, Metasploit, etc.).Comfortable with AI-native workflows and eager to shape how AI enables true pentesting.Eligible to work in Germany (Karlsruhe preferred; remote in DE possible). Nice to have: experience building AI agents, GCP/Kubernetes, compliance frameworks (ISO 27001, NIS2, DORA, etc.) and relevant certifications such as CEH, OSCP, or GIAC What you getFounder-level equity — significant ownership in Europe’s autonomous pentesting leader.Modest salary (we build big, not pay big — yet).A great early-access platform and a clear mission: achieve consistent, better-than-human results.A hands-on, high-intensity environment, with 60-hour sprints when it counts.Direct, visible impact on the future of cybersecurity — your research becomes production reality. Join UsIf you want to build the next generation of offensive security — where AI agents hack responsibly and continuously — we’d love to talk. Apply now and help us make our autonomous pentesting the best in class.