Senior Security Vulnerability Researcher

Noma Security is redefining how organizations Safely adopt AI into their organization. As a Security Researcher on our Vulnerability Research team, you’ll play a critical role in uncovering threats in emerging AI and application technologies. You’ll work with world-class engineers and security professionals to identify vulnerabilities, simulate real-world attack scenarios, and build impactful proof-of-concepts that demonstrate risk and defensive value.

This is a hands-on role for a seasoned offensive researcher who thrives on technical depth and creativity. You’ll collaborate closely with product, marketing, and engineering teams to deliver research that drives customer trust, informs product direction, and shapes industry thought leadership.

 What You’ll Do

• Perform AI-Focused Vulnerability Research: Investigate security risks in AI models, APIs, and infrastructure to uncover exploitable weaknesses and publish insights that strengthen our market leadership.
• Lead Red Teaming Against AI Systems: Simulate adversarial attacks on AI pipelines and APIs, creating impactful PoCs that showcase real-world risk and defensive strategies.
• Build Customer-Facing Proof-of-Concepts: Partner with product and engineering teams to design and deliver PoCs that align with customer use cases and highlight Noma’s security capabilities.

 Requirements for Success

• 5+ years in Security Research or Offensive Engineering with a proven track record in penetration testing or vulnerability discovery on complex targets.
• Deep expertise in Application & AI Security, including experience exploiting APIs, web applications, and AI/ML vulnerabilities such as prompt injection, adversarial manipulation, or model abuse.
• Offensive Security & Red Teaming Experience, with practical use of tools, custom exploits, or adversarial testing methods.
• Proficiency in developing and presenting PoCs that clearly demonstrate security risks to both technical and non-technical audiences.
• Recognized achievements in Bug Bounty or Military-Grade Security Research, or equivalent real-world offensive security experience.
• Solid software engineering background, with the ability to read, write, and debug code (Python, JavaScript, Go, etc.).

Why Noma?

We’re a well-funded, early-stage startup solving one of the hardest problems in security: protecting the data lifecycle in the AI era. We move fast, value initiative, and care deeply about quality and trust. You’ll join a sharp, supportive team where your research has immediate impact whether it’s publishing cutting-edge vulnerability findings, simulating attacks against AI systems, or collaborating on security-driven product features.

If you’re excited to break new ground in AI security and shape how organizations protect their most valuable data-let’s talk.