🌍 DEI&B Commitment (Diversity, Equity, Inclusion & Belonging)
At SafeBreach, we celebrate the rich diversity of our team, where every employee's unique perspective is a valued thread in our collective success. We are unwavering in our commitment to fostering an inclusive workplace that nurtures a sense of belonging and empowers each individual to unleash their full potential. We are dedicated to creating opportunities for collaboration, innovation, and meaningful career growth, ensuring that every voice is not just heard, but cherished.
🔹 Title: Attacks And Exploits Developer
📍 Locations (Hybrid): Tel Aviv (Sky Tower)
👥 Reporting To: Attacks And Exploits Development Lead
🌟 Opportunity Highlights
We are seeking a highly skilled and experienced Attacks and Exploits Developer to join a specialized team focused on developing offensive, production-ready attack capabilities. This is a research and development (R&D) role at the core of our offensive security efforts. You will be responsible for architecting and delivering advanced low-level attack components used in evasion techniques, red team tooling, and adversary simulations.
👋 Who We Are
SafeBreach is the leader in enterprise-grade exposure validation, providing the world’s largest brands with safe and scalable capabilities to understand, measure and remediate threat exposure and associated cyber risk.
SafeBreach has had a landmark year so far, launching its new SafeBreach Exposure Validation Platform in February 2025, which combines breach and attack simulation (BAS) capabilities with attack path validation to provide enterprises with deeper insight into threat exposure and cyber risk.
The award-winning SafeBreach exposure validation platform combines pioneering breach and attack simulation and innovative attack path validation capabilities to help enterprise security teams measure and address security gaps at the perimeter and beyond. SafeBreach helps enterprises transform their security strategy from reactive to proactive safely and at scale.
SafeBreach is a state-of-the-art thought leadership research team, with proven critical discoveries which include forty 0-day vulnerabilities in significant security solutions.
We are regular speakers at the most important global cyber security conferences, with more than twenty main-stage talks at Black Hat and DEFCON conferences.
The best thing about SafeBreach? Definitely the people! SafeBreachers are friendly, collaborative, and hard working. Together, we've built an amazing culture, and we are looking to add more awesome people to our growing team!
💰 What We Offer
- Competitive salary and equity grants
- Hybrid flexibility
- Quarterly recharge weekends
- Learning & development stipend
- Generous paid leave policies including flexible PTO and parental leave
🚀 The Impact You Will Have
- Drive design, development, and deployment of production-grade offensive capabilities targeting Windows systems
- Develop low-level Windows and Linux components including kernel-mode code, user-mode loaders, and OS-level evasion mechanisms
- Implement Python bindings to connect native low-level components with Python-based research tools and automation
- Debug complex issues in both kernel and user space using tools such as WinDBG and KD
- Research and develop bypass techniques for modern Windows security controls
- Collaborate with the Research Team and other R&D stakeholders to implement and refine offensive concepts
- Provide technical mentorship and drive engineering best practices within the team
🫵 Who YOU Are
Leadership
- Proven experience in delivering production grade software in an offensive security or R&D environment
- Ability to design complex offensive flows and implement in collaboration with a highly technical team
- Experience owning full R&D project lifecycles from concept through production
Technical
- 4+ years of hands-on experience in OS Internals or kernel-mode development using C and C++
- 3+ years of Python experience, especially for integrating with native modules and supporting research workflows
- Experience developing stealthy and evasive attack components, including in-memory execution and user/kernel-mode tooling
- Proficient in Windows debugging using WinDBG, KD, and similar tools
- Deep knowledge of Windows APIs, security controls, and undocumented behaviors relevant to offensive security
- Familiarity with EDR evasion, API hooking, and direct system call manipulation
Personal Attributes
- Passionate about offensive security and deep technical research
- Self-motivated and capable of operating independently in high-trust environments
- Creative and methodical in problem solving, with a strong attention to detail
💥 Even BETTER if you have
- Experience with MITRE ATT&CK and implementing or simulating ATT&CK techniques
- Background in red teaming, adversary emulation, or APT simulation
- Prior contributions to offensive tooling or internal R&D platforms
- Understanding of modern threat actor TTPs and practical application in research environments
Join us to lead the development of real-world offensive capabilities at the intersection of advanced OS knowledge and cutting-edge security research.
⏳ Interview Process
Average Duration: ~2-4 weeks
Key steps:
- Send your application
- Receive a response from us within 5–7 days
If selected:
- Intro with the recruiter
- Meet the hiring manager
- Take-home assignment
- Meet the team at the office
- Meet the CTO
- Final Steps
- Offer & Onboarding!
Top Skills
What We Do
Did you know that global cyberattacks have increased upto 32% year over year and enterprises now deploy 75+ cybersecurity related tools on their networks just to keep pace with the increasing complexity and frequency of attacks. But even with the huge investment in security tools, 61% of organizations have difficulty prioritizing cyber risk-reduction efforts due to a shortage of talent and 40% of security professionals say conflicting data makes it difficult to assess posture.
A pioneer in breach and attack simulation (BAS), SafeBreach is the world’s most widely used continuous security validation platform. We are on a mission to fundamentally change the way organizations manage their defenses and control cyber risk.
Our award-winning BAS solution enables modern enterprises to continuously and safely execute attacks, validate and optimize the efficacy of their security controls, and prioritize remediation efforts to mitigate their most critical gaps before a breach occurs. With our Hacker’s Playbook™—the industry’s most extensive collection of attack data enabled by state-of-the-art threat intelligence research—SafeBreach empowers organizations to get proactive about security with a simple approach that replaces hope and fear with real-world data and real-time action.
Traditional security control validation tactics can’t keep up with the growing threat landscape, understaffed teams, and ongoing enterprise transformation. To be effective, you need a holistic view of your security ecosystem with the ability to easily integrate improvements.
The SafeBreach Hacker's Playbook contains 25,000+ attack methods, and we uphold a 24-hour SLA on US-CERT and FBI Flash alerts, so client's can always be confident of threat coverage. We have established the market's most diverse and mature partner ecosystem and our platform fits seamlessly into client environment. Whether it's one host or 100,000, our solution is simple and easy to deploy and scale up. Our flexible dashboards and customizable reports provide the visualizations you need to quickly understand overall security posture metrics.
Why Work With Us
You will have the opportunity to make a real impact on how the world manages the changing threat landscape as we address our customers most critical and complex problems.
Our benefits go beyond 100% employer paid insurance (which we do) we also offer remote work, non-traditional hours, flexible time off and opportunities to grow and learn.
Gallery
.png)
