Build the future of application security.
We're a small team of security researchers and engineers building the platform that traces supply chain attacks from the vulnerable line of code to the exploit in production. If that excites you, keep reading.
View open roles belowSecurity first
We work on the hardest problems in application security. Everyone on the team thinks adversarially — and is expected to.
High ownership
Small team, large scope. You won't be handed a ticket queue — you'll own entire product areas and have direct impact on what we ship.
Ship fast
We move at the pace of the teams we protect. Processes exist to help you ship, not slow you down.
4 positions open.
Senior Security Engineer
SecurityBuild and improve O3's core detection engines — SAST, SCA, and supply chain attack chain tracing. Deep knowledge of vulnerability research, static analysis, or SAST internals required.
Full Stack Engineer
EngineeringOwn product surfaces end-to-end — from Next.js dashboards to backend APIs and scan orchestration. We move fast and give engineers high ownership from day one.
Developer Advocate
GrowthHelp developers understand and adopt O3 — through technical writing, conference talks, open source contributions, and community building. Black Hat / DEF CON experience is a plus.
Security Researcher
ResearchDiscover novel supply chain attack vectors, develop new detection rules, and publish research that shapes the industry. CVE experience or published security research required.
Don't see your role? Reach out anyway.
We hire for exceptional people, not just open headcount. If you're a security researcher, engineer, or operator who wants to work on supply chain security, we want to hear from you.
[email protected]