Adversarial AI Offensive Security Analyst

About The Position

Requirements

• Offensive Security Expertise: 5–7+ years of hands-on experience in penetration testing, red teaming, or adversary simulation with a strong track record.
• Deep understanding of network/web application security, exploitation techniques, and attacker TTPs (MITRE ATT&CK).
• AI & Automation Skills: Proven experience leveraging AI/ML or automation in cybersecurity (e.g. using LLM APIs, scripting against AI services, building security chatbots or automation pipelines).
• Ability to craft effective prompts and interpret LLM outputs.
• Familiarity with integrating AI into tools or workflows (experience with frameworks like Model Context Protocol (MCP) servers is a strong plus).
• Programming & Tool Development: Proficiency in Python or similar languages for developing custom tools, automation scripts, and integrating APIs.
• Experience building or extending offensive toolsets (C2 frameworks, scanners, exploit scripts) to adapt to new needs.
• Security Certifications & Education: Bachelor’s degree in computer science, engineering, or equivalent experience.
• Industry certifications such as OSCP , CRTE or similar are preferred, demonstrating advanced offensive skills.
• Innovative & Collaborative Mindset: Demonstrated creative problem-solving ability and adaptability.
• Eagerness to continuously research emerging AI-enabled attack techniques and proactively share knowledge.
• Strong collaboration skills to work with cross-functional teams and communicate complex concepts clearly.

Nice To Haves

• Experience with AI agent frameworks or autonomous red teaming tools (e.g. experimenting with LLM agents for recon/exploitation).
• Knowledge of adversarial machine learning concepts or AI model vulnerabilities (prompt injection, data poisoning) – not the focus of this role, but indicative of a broad security mindset.
• Prior experience in fraud testing/abuse simulations or social engineering engagements, especially using deepfakes or automated bots.
• DevOps/cloud knowledge (CI/CD pipelines, AWS/Azure) and how AI can target cloud or supply chain environments.

Responsibilities

• Plan & Execute AI-Enhanced Attacks: Lead red team operations and penetration tests that incorporate LLM-driven techniques and agentic automation to simulate sophisticated adversaries at scale. Maintain human-in-the-loop oversight to ensure safe, controlled execution.
• Custom Tooling & Automation: Design or integrate custom offensive tools and scripts that use AI/ML (e.g. LLM APIs, automation frameworks) to accelerate vulnerability discovery, exploit development, and testing workflows. For example, develop internal frameworks that interface LLMs with red team C2 platforms (like MythicMCP , SliverMCP ) to enable autonomous or semi-autonomous operations.
• Adversarial Simulation & Fraud Testing: Conduct adversarial exercises targeting both technical systems and fraud controls, using AI to emulate how attackers might abuse scale and automation. Work with fraud risk teams to simulate large-scale abuse scenarios (bots, deepfakes, automated scams) using AI capabilities.
• Collaboration & Purple Teaming: Partner closely with blue teams (SOC, Detection Engineering) and fraud prevention teams to share insights from AI-augmented tests. Help validate and improve detection and response for AI-driven attack techniques through joint purple team exercises.
• Reporting & Knowledge Sharing: Document attack scenarios, findings, and mitigations in clear reports. Present results and risk insights to both technical staff and executives, translating complex AI-augmented attack methods into actionable defense improvements. Mentor colleagues in adopting AI-assisted tools and foster a culture of innovation in the team.

Benefits

• hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection.