AI Red Team Security Engineer

About The Position

Requirements

• 7+ years of hands-on penetration testing and offensive security experience in a professional setting
• Demonstrated experience testing AI/ML systems, LLM-powered products, or AI APIs
• Experience conducting red team engagements
• Scripting and tool development
• Strong understanding of authentication protocols and common implementation flaws
• Familiarity with cloud security architectures and common misconfigurations
• Working knowledge of Docker/Kubernetes and container security
• Understanding of LLM architectures and how they relate to attack surfaces.
• Familiarity with OWASP LLM Top 10
• Practical experience with prompt injection and jailbreak techniques against LLMs
• Ability to use LLMs as force-multipliers in red team workflows

Nice To Haves

• Certifications: OSCP, OSEP, CRTO, CRTE, PNPT, CEH, GPEN, GWAPT, or equivalent
• Experience with adversarial ML frameworks
• Contributions to open-source security tooling or published CVEs / bug bounty hall-of-fame credits
• Familiarity with AI governance frameworks
• Experience with GenAI infrastructure
• Background in threat modeling for AI-powered applications
• Reverse engineering skills for binary and mobile assessments
• CTF participation or competitive hacking experience

Responsibilities

• Design and execute adversarial attacks against large language model (LLM)-powered products including prompt injection, jailbreaking, goal hijacking, and context manipulation.
• Test retrieval-augmented generation (RAG) pipelines for data exfiltration, poisoning, and unauthorized knowledge extraction.
• Assess AI agent systems and agentic workflows for unsafe tool-use, privilege escalation, and indirect prompt injection via environment feedback.
• Conduct model extraction, membership inference, and adversarial example attacks against deployed ML models.
• Evaluate AI guardrails, safety filters, and content moderation layers for bypass techniques.
• Perform full-scope penetration tests across web applications, REST/GraphQL APIs, mobile apps (iOS/Android), cloud environments (AWS, GCP, Azure), and internal networks.
• Conduct red team exercises simulating advanced persistent threat (APT) actors using MITRE ATT&CK and AI-augmented techniques.
• Exploit vulnerabilities across the OWASP Top 10 and beyond: SSRF, IDOR, XXE, SSTI, authentication bypasses, and logic flaws.
• Perform social engineering and phishing simulations as part of combined red team campaigns.
• Conduct cloud and Kubernetes security assessments including IAM misconfigurations, container escapes, and privilege escalation paths.
• Leverage AI models and tools (e.g., LLMs, code generation, fuzzing assistants) to accelerate vulnerability discovery, payload crafting, and exploit development.
• Build or adapt AI-powered reconnaissance, exploitation, and evasion tooling for internal use in red team engagements.
• Stay current with adversarial AI research and translate academic findings into practical red team techniques.
• Use AI to automate repetitive testing tasks and generate novel attack variants at scale.

Benefits

• Bonus
• Equity
• Health insurance
• Dental insurance
• Vision insurance