Exploit Development Jobs in California (NOW HIRING)

Bishop Fox is the leading authority in offensive security, providing solutions ranging from continuous penetration testing, red teaming, and attack surface management to product, cloud, and application security assessments. We've worked with more than a quarter of the Fortune 100, half of the Fortune 10, eight of the top 10 global technology companies, and all of the top global media companies. Our managed service platform, service innovation, and culture of excellence continue to gather accolades from industry award programs including Fast Company, Inc., SC Media, and others. For more than 16 years, we've been contributing and giving back to the security community. We've published more than 16 open source tools and 50 security advisories in the last five years alone. Learn more at bishopfox.com or follow us on social media.

Who You Are 

The Agentic AI Software Engineer - Cybersecurity Systems designs, develops, and deploys advanced AI-driven software solutions to enhance cybersecurity detection, response, analysis, and automation capabilities. This role focuses on building and maintaining agent-based artificial intelligence systems capable of autonomously generating code, conducting security analyses, triaging alerts, identifying vulnerabilities, and recommending remediation strategies, with structured human oversight and validation. 

The position requires the application of advanced knowledge in computer science, artificial intelligence, machine learning, secure software engineering, distributed systems, and cybersecurity principles. The role involves complex system design, secure AI integration, and the development of enterprise-grade security automation platforms. 

What You Will Do 

1. Design and Develop Agentic AI Systems for Cybersecurity 

• Architect and implement AI-powered systems that perform autonomous or semi-autonomous cybersecurity tasks, including vulnerability analysis, threat detection, alert triage, log analysis, and secure code review.
• Design multi-agent architectures capable of orchestrating specialized AI agents (e.g., vulnerability scanning agents, log analysis agents, exploit pattern detection agents).
• Develop retrieval-augmented generation (RAG) pipelines to enable AI systems to securely query internal knowledge bases, threat intelligence feeds, CVE databases, and security documentation. 

2. AI-Assisted Secure Code Generation & Review 

• Utilize large language models (LLMs) to generate secure software components, scripts, detection logic, and test cases.
• Review and refine AI-generated code to ensure compliance with secure coding standards (e.g., OWASP Top 10, secure SDLC practices).
• Implement automated guardrails to detect insecure outputs, prompt injection vulnerabilities, model hallucinations, and data leakage risks.
• Design validation frameworks to benchmark AI-generated security outputs against known vulnerability patterns. 

3. Human-in-the-Loop AI Governance & Model Optimization 

• Design and implement reinforcement learning from human feedback (RLHF) workflows for cybersecurity use cases.
• Develop evaluation metrics for AI accuracy in threat detection, vulnerability identification, and remediation recommendations.
• Continuously refine prompt engineering strategies, model tuning parameters, and system architecture to improve security reliability and precision.
• Implement explainability mechanisms to support auditability and defensibility of AI-driven security decisions. 

4. Secure System Architecture & Integration 

• Develop and maintain APIs and microservices to integrate AI-powered security tools into enterprise platforms.
• Architect scalable and fault-tolerant distributed systems to support real-time security event processing.
• Deploy AI-enabled services within secure cloud environments (e.g., AWS, Azure, GCP) using containerization and orchestration technologies (Docker, Kubernetes).
• Integrate AI systems with SIEM, SOAR, vulnerability management, and endpoint detection platforms. 

5. Security Engineering & Threat Modeling 

• Conduct threat modeling for AI systems to identify adversarial risks, model exploitation vectors, and prompt injection vulnerabilities.
• Implement secure authentication, authorization, encryption, and data governance controls.
• Develop safeguards to prevent misuse of AI systems in exploit development or unintended security bypass scenarios.
• Perform security reviews and penetration testing of AI-driven software components. 

6. Testing, Validation & Performance Optimization 

• Design automated test pipelines for AI-driven security workflows.
• Conduct adversarial testing to evaluate resilience against malicious inputs.
• Monitor system performance metrics (latency, false positive rates, detection accuracy).
• Optimize inference pipelines and distributed systems for reliability and scalability. 

7. Documentation & Cross-Functional Collaboration 

• Produce detailed architectural documentation for AI security systems.
• Collaborate with cybersecurity researchers, product teams, software engineers, and cloud architects to translate threat intelligence and security requirements into scalable AI-enabled solutions.
• Provide technical guidance on AI governance, responsible AI deployment, and secure AI lifecycle management. 

Your Experience  

• Required Education
  • Bachelor's degree or higher in Computer Science, Computer Engineering, Software Engineering, Artificial Intelligence, Cybersecurity, Information Security, or a closely related technical field.
• Required Experience & Technical Skills
  • Strong foundation in algorithms, data structures, and object-oriented programming.
  • Proficiency in programming languages such as Python, Java, C++, or similar.
  • Experience developing AI or machine learning systems for security-related applications.
  • Experience working with large language models (LLMs) and prompt engineering techniques.
  • Experience with AI orchestration frameworks (e.g., LangChain, LlamaIndex, AutoGen, Semantic Kernel, or similar).
  • Experience implementing secure software development lifecycle (SSDLC) practices.
  • Knowledge of cybersecurity concepts including vulnerability management, threat modeling, penetration testing, SIEM/SOAR platforms, and common attack vectors.
  • Experience deploying applications in cloud environments (AWS, Azure, or GCP).
  • Familiarity with containerization and orchestration tools (Docker, Kubernetes).
  • Experience building RESTful APIs and microservices architectures.
• Preferred Qualifications
  • Master's degree in Computer Science, Artificial Intelligence, or Cybersecurity.
  • Experience designing AI systems for automated threat detection or exploit analysis.
  • Experience with reinforcement learning, fine-tuning, or model evaluation frameworks.
  • Experience integrating AI systems with cybersecurity tooling ecosystems.
  • Familiarity with NIST, ISO 27001, or similar security standards. 

Our Values  

We strive to live by our values every day, in support of our core tenets, which are to deliver the highest quality of work for our clients, quality of life for our team, and quality of business for our industry and our future.  

• Be Excellent to Each Other
• Do the Right Thing  
• Do What You'll Say You'll Do 
• Get Better Together  
• Give a Sh*t  

We offer a variety of benefits and perks, such as:  

• Generous Time Off and Company-Wide Holidays 
• Health Insurance options including Medical, Dental, Vision  
• Retirement; 401k matching for Traditional and Roth accounts in the US  
• Work From Home Support  
• Monthly allowance for cell phone and internet  
• Training Budget  
• Paid Parental Leave  

Specialty Occupation Justification 

The duties of this position require the theoretical and practical application of specialized knowledge in computer science, artificial intelligence, distributed systems, and cybersecurity engineering. The design and implementation of AI-driven, agent-based cybersecurity systems necessitate advanced understanding of algorithms, machine learning methodologies, secure system architecture, threat modeling, and secure coding standards. Such knowledge is typically acquired through completion of at least a bachelor's degree in a specific technical field such as Computer Science, Artificial Intelligence, or Cybersecurity. 

The complexity of developing autonomous AI systems that analyze vulnerabilities, evaluate exploit patterns, and integrate securely with enterprise cybersecurity infrastructure requires a highly specialized educational background and cannot be performed without advanced technical training. 

Bishop Fox is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.  All new hires must pass a background check as a condition of employment.