Who are we?

Escape is one of Europe's fastest-growing cybersecurity startups, backed by Y Combinator, building AI-powered automated penetration testing that finds vulnerabilities before attackers do. We've secured dozens of prestigious enterprise customers, are growing 15%+ MoM.

We operate with a US go-to-market playbook (product-led, fast iteration cycles, aggressive growth targets) combined with deep European engineering DNA. Our 15-person engineering team ships weekly, owns what they build, and solves hard problems at the intersection of security, distributed systems, and AI.

Job Description

👉 We are seeking a Lead Security Researcher to join Escape and play a central role in advancing the detection capabilities of our DAST and ASM products. This role focuses on applied research: discovering novel vulnerability detection techniques, improving existing algorithms, and ensuring Escape remains best-in-class in terms of accuracy, performance, and real-world relevance.

As part of the Security Research team, you will work on transforming security insights into concrete detection logic that runs at scale in production. Your work will directly shape the effectiveness of Escape’s scanners and have a measurable impact on customer security outcomes.

Context

Location: Paris (75002), 2 days remote/week
Company: Escape – Leading AI Cybersecurity Startup
Cofounders: CEO (Tristan Kalos) and CTO (Antoine Carossio)
Engineering Team: 15 Engineers, 4 Technical Leads, 1 Product Owner
You’ll be working in a close-knit team of 3 outstanding engineers under supervision of a technical lead

Key Responsibilities:

Vulnerability Research: Research and identify new classes of vulnerabilities and novel detection techniques across web applications, APIs, and modern application architectures.
Algorithm Design & Improvement: Design, evaluate, and continuously improve detection algorithms with a strong focus on signal quality, performance, and reduction of false positives.
Applied R&D: Turn research ideas into practical, implementable detection logic suitable for large-scale, automated scanning.
Performance & Accuracy Focus: Evaluate trade-offs between coverage, accuracy, and execution cost to ensure scanners remain efficient at scale.
Cross-Team Collaboration: Work closely with the Scanners and Platform teams to ensure research outputs are effectively integrated into production systems.
Technical Leadership: Act as a senior contributor within the research team, setting technical direction, reviewing research approaches, and mentoring other researchers.
Technology Watch: Stay up to date with emerging vulnerabilities, exploitation techniques, and defensive research in the application security ecosystem.

Tech Stack

Languages: Compiled languages (C/C++, Go, Rust), scripting languages for prototyping
Research Focus: Vulnerability discovery, detection algorithms, and performance-oriented analysis
Execution Context: Research outputs integrated into large-scale automated scanners
Collaboration Surface: Close interaction with production systems and distributed scanning workloads
Engineering Focus: Accuracy, performance, and applicability of detection logic at scale

Perks

💸 Significant equity (Stock Options/BSCPE), making you a true stakeholder in our success.
❤️‍🩹 Top-tier health insurance with Alan
🍕 Meal vouchers with a Swile
💪 Sport subscription with EGYM Wellpass (ex Gymlib)
📚 A place to learn and grow: Access to books and online courses to help you excel in your role
💻 Top-tier equipment to do your best work
🎁 Free time to work on cool Open Source Projects.
🌎 Opportunities to present research and engineering work at international conferences like RSAC, BSides, BlackHat, DEFCON, APIDays (New York, Las Vegas, San Francisco, London, Paris, Berlin, Barcelona)

Escape

Lead Security Researcher - Paris Office

About the role