We are seeking a highly motivated and technically proficient Security Researcher to join our security research division. This role is dedicated to performing advanced offensive security assessments against the biggest companies in the world You need to be independent, attentive to details, organized, eager to learn new things, and like to research and solve problems What you’ll do:
* Engage in sophisticated Red Team projects, including the identification of undisclosed API endpoints and development of novel bypass techniques for established security controls
* Lead and execute comprehensive, technically rigorous security research targeting complex web and mobile applications, including reverse engineering and proprietary protocols investigation
* Engage in sophisticated Red Team projects, including the identification of undisclosed API endpoints and development of novel bypass techniques for established security controls
* Lead and execute comprehensive, technically rigorous security research targeting complex web and mobile applications, including reverse engineering and proprietary protocols investigation
About Alice:
Alice is a trust, safety, and security company built for the AI era. We safeguard the communicative technologies people use to create, collaborate, and interact—whether with each other or with machines. In a world where AI has fundamentally changed the nature of risk, Alice provides end-to-end coverage across the entire AI lifecycle. We support frontier model labs, enterprises, and UGC platforms with a comprehensive suite of solutions: from model hardening evaluations and pre-deployment red-teaming to runtime guardrails and ongoing drift detection.
Requirements:
Must have:
* Minimum of 3 years of proven, hands-on experience in application security analysis and Web penetration testing
* Strong experience with reverse engineering and dynamic analysis of Android and iOS applications, including hands-on experience with techniques like detours, hooking, and runtime code manipulation
* Proficiency in developing and automating tasks using at least one language like Python, JavaScript, or GoLang.
* Deep, hands-on knowledge of the latest tactics, techniques, and procedures (TTPs) used in advanced penetration testing and network analysis.
* Ability to author comprehensive and technically rigorous reports detailing identified vulnerabilities and research outcomes. Nice to have:
* OSCP, OSWE, eWPTXv2, CRTP, or other high-level offensive certifications.
* Hands-on experience with industry-standard reversing tools like JADX, Ghidra, or IDA Pro.
* Demonstrated online achievements, write-ups, or contributions on platforms such as HackTheBox, Pwn2Own, TryHackMe, Bug Bounty programs, or published security research.
Must have:
* Minimum of 3 years of proven, hands-on experience in application security analysis and Web penetration testing
* Strong experience with reverse engineering and dynamic analysis of Android and iOS applications, including hands-on experience with techniques like detours, hooking, and runtime code manipulation
* Proficiency in developing and automating tasks using at least one language like Python, JavaScript, or GoLang.
* Deep, hands-on knowledge of the latest tactics, techniques, and procedures (TTPs) used in advanced penetration testing and network analysis.
* Ability to author comprehensive and technically rigorous reports detailing identified vulnerabilities and research outcomes. Nice to have:
* OSCP, OSWE, eWPTXv2, CRTP, or other high-level offensive certifications.
* Hands-on experience with industry-standard reversing tools like JADX, Ghidra, or IDA Pro.
* Demonstrated online achievements, write-ups, or contributions on platforms such as HackTheBox, Pwn2Own, TryHackMe, Bug Bounty programs, or published security research.
This position is open to all candidates.
