Principal Software Engineer, AI

HackerOne is a global leader in offensive security solutions. Our HackerOne Platform combines AI with the ingenuity of the largest community of security researchers to find and fix security, privacy, and AI vulnerabilities across the software development lifecycle. The platform offers bug bounty, vulnerability disclosure, pentesting, AI red teaming, and code security. We are trusted by industry leaders like Amazon, Anthropic, Crypto.com, General Motors, GitHub, Goldman Sachs, Uber, and the U.S. Department of Defense. HackerOne was named a Best Workplace for Innovators by Fast Company in 2023 and a Most Loved Workplace for Young Professionals in 2024.

HackerOne is at a pivotal inflection point in the security industry. Offensive security is no longer optional – it is the standard for forward-thinking companies that want to build trust and resilience in a world where AI-driven innovation and adversaries are moving faster than ever. With the industry shifting, HackerOne stands apart: we combine the ingenuity of the largest security research community with a best-in-class AI-powered platform, trusted by the world’s top organizations.

HackerOne Values

HackerOne is dedicated to fostering a strong and inclusive culture. HackerOne is Customer Obsessed and prioritizes customer outcomes in our decisions and actions. We Default to Disclosure by operating with transparency and integrity, ensuring trust and accountability. Employees, researchers, customers, and partners Win Together by fostering empowerment, inclusion, respect, and accountability.

Principal Software Engineer, AI

Remote Location: Seattle, WA; San Francisco Bay Area

Position Summary

At HackerOne, we're revolutionizing cybersecurity by combining human intelligence with artificial intelligence to create the world's most effective offensive security platform. As a Principal Software Engineer on our AI Platform team, you'll be at the forefront of developing cutting-edge AI-powered security solutions that protect organizations from emerging threats. You'll work directly on our AI platform, contribute to our in-platform AI security agent "Hai," and help build next-generation AI safety and security tools that serve thousands of companies including Amazon, Anthropic, GitHub, Goldman Sachs, and the U.S. Department of Defense.

We're seeking an engineer who shares our mission to empower the world to build a safer internet through AI-driven security innovation. You'll harness artificial intelligence to help organizations and developers create more secure software, detect vulnerabilities faster, and defend against emerging threats. Working alongside our global community of security researchers, you'll build AI tools that make cybersecurity more accessible and effective for everyone.

At HackerOne, we embrace a Flexible Work approach, enabling our team members to work remotely while maintaining productivity and collaboration. We are seeking candidates located in Seattle, WA, and the surrounding metropolitan areas, to facilitate occasional in-person interactions as needed. While the position is primarily remote, there will be periodic in-person requirements to support team collaboration and foster stronger connections. This approach ensures flexibility while providing opportunities to build meaningful in-person relationships that strengthen our team and company culture.

What You Will Do

• Lead architecture and evolution for our autonomous AI security agent “Hai” with capabilities to plan, reason, and take secure actions including vulnerability detection, threat intelligence generation and automated security analysis

• Build and enhance our AI security agent "Hai" to provide instant security insights, natural language query processing, and actionable recommendations for security teams

• Develop AI red teaming agents and frameworks that help identify vulnerabilities in large language models, generative AI systems, and applied AI deployments

• Collaborate with product teams to integrate AI capabilities that enhance vulnerability discovery, validation, and remediation

• Create APIs and integrations that enable seamless interaction between AI models, security tools, and the broader HackerOne ecosystem

• Partner with cross-functional teams including Product, Security Research, and Customer Success to translate AI innovations into customer-facing security solutions

• Integrate emerging agentic frameworks and LLM-based orchestration tools (e.g., LangChain, Semantic Kernel, AutoGen, OpenAgents) to power stateful AI agents with access to security tools, APIs, and third-party systems

• Stay current with emerging AI security threats, research cutting-edge AI safety techniques, and contribute to the development of industry-leading AI security standards

Minimum Qualifications  

• 10+ years of experience as a software engineer

• Experience building production-grade AI Agents and infrastructure that support multiple AI product teams and applications

• Ability to mentor and lead AI teams in ways of building Agents.

• Strong hands-on experience with large language models (LLMs), generative AI, and Agentic frameworks (Langchain, Langgraph, Autogen, Open AI Agent SDK, AWS Bedrock Agentcore, Flowwise, n8n etc) in production environments

• Experience with implementation of reasoning, planning for a business domain on top of leading LLMs.

• Expertise in AI platform engineering including model deployment, MLOps pipelines, model serving infrastructure, and shared AI services architecture

• Solid understanding of AI safety and alignment principles, including responsible AI development, bias mitigation, and ethical AI practices

Preferred Qualifications

• Already built public facing complex AI Agents which reason, plan and execute workflow agentically like cursor agents do it for coding, Salesforce agentforce does it for customer support and so on.

• Experience building AI development platforms, model registries, experimentation frameworks, and tools that accelerate AI product development across organizations

• Familiarity with frameworks like ReAct, AutoGen, or Semantic Kernel for agentic orchestration

• Experience in agent action routing, secure tool usage APIs, and feedback loops for autonomous agents

• Knowledge of prompt engineering, fine-tuning techniques, retrieval-augmented generation (RAG), and advanced LLM optimization strategies

• Background with cloud-based AI/ML services (AWS Bedrock, GCP Vertex AI, Azure ML) and containerization technologies for AI workloads

• Familiarity with Ruby on Rails, GraphQL, React, and experience integrating AI capabilities into existing web applications and APIs

Compensation Bands:
San Francisco Bay Area

$280K – $420K • Offers Equity

Seattle, WA

$250K – $378K • Offers Equity

#LI-Remote

#LI-HM1

Job Benefits:

• Health (medical, vision, dental), life, and disability insurance*

• Equity stock options

• Retirement plans

• Paid public holidays and unlimited PTO

• Paid maternity and parental leave

• Leaves of absence (including caregiver leave and leave under CO's Healthy Families and Workplaces Act)

• Employee Assistance Program

• Flexible Work Stipend

*Eligibility may differ by country

We're committed to building a global team! For certain roles outside the United States, U.K., and the Netherlands, we partner with Remote.com as our Employer of Record (EOR).

Visa/work permit sponsorship is not available.

Employment at HackerOne is contingent on a background check.

HackerOne is an Equal Opportunity Employer in the terms and conditions of employment for all employees and job applicants without regard to race, color, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, pregnancy, disability or veteran status, or any other protected characteristic as outlined by international, federal, state, or local laws.

This policy applies to all HackerOne employment practices, including hiring, recruiting, promotion, termination, layoff, recall, leave of absence, compensation, benefits, training, and apprenticeship. HackerOne makes hiring decisions based solely on qualifications, merit, and business needs at the time.

For US based roles only: Pursuant to the San Francisco Fair Chance Ordinance, all qualified applicants with arrest and conviction records will be considered for the position.