AI Red Teamer, Cybersecurity

About The Position

Requirements

• Professional experience in offensive security, penetration testing, red teaming, vulnerability research, malware analysis, threat intelligence, or incident response
• Ability to read, write, and evaluate code across common languages used in offensive tooling (Python, PowerShell, Bash, C/C++, JavaScript, or similar)
• Understanding of common attack frameworks, techniques, and procedures (MITRE ATT&CK, OWASP, etc.)
• Ability to assess the functional correctness and real-world exploitability of model-generated technical output
• Strong hands-on experience using multiple LLMs (ChatGPT, Claude, Gemini, open-source models, etc.)
• Creative, adversarial problem-solving skills
• Clear and precise written communication, including the ability to explain technical risk to non-specialist audiences
• Strong ethical judgment and the ability to separate adversarial thinking from personal values
• Self-directed, collaborative, and comfortable in feedback-heavy environments

Nice To Haves

• Relevant certifications (OSCP, OSCE, GPEN, GXPN, CRTO, CRTL, CEH, or similar)
• Active or prior security clearance
• Experience with exploit development, reverse engineering, or binary analysis
• Background in cloud security, container security, or infrastructure-as-code attack surfaces
• Familiarity with AI/ML-specific attack surfaces (prompt injection, model extraction, training data poisoning, adversarial examples)
• Experience building or operating C2 frameworks, custom implants, or offensive tooling
• Bug bounty track record or published CVEs
• Prior work in trust and safety, content moderation, or AI evaluation
• Familiarity with LLM APIs or evaluation tooling

Responsibilities

• Design technically grounded adversarial prompts that test whether models provide meaningful uplift across the cyber kill chain (reconnaissance through exfiltration and impact)
• Evaluate model-generated code and technical output for functional correctness, assessing whether outputs represent real exploits, plausible attack tooling, or non-functional noise
• Test model behavior across offensive categories including malware generation, vulnerability exploitation, social engineering content, credential harvesting, privilege escalation, C2 infrastructure setup, and data exfiltration techniques
• Probe dual-use boundaries, testing how models handle queries that blend legitimate security research, penetration testing, and defensive operations with offensive applications
• Simulate attacker personas at varying skill levels (opportunistic, intermediate, advanced/APT) to assess how model risk scales with user sophistication
• Test multi-step and multi-turn attack chains, including scenarios where early turns establish benign context before pivoting to malicious requests
• Score model responses against structured harm taxonomies and severity rubrics calibrated to real-world exploitability
• Document findings with clear technical reasoning, including what a response gets right, what it gets wrong, and what level of attacker it would realistically assist
• Contribute to the development and refinement of cybersecurity-specific evaluation frameworks and threat models
• Collaborate with other red teamers, AI researchers, and policy teams to translate findings into actionable model improvements
• Stay current on evolving TTPs, CVEs, jailbreak techniques, and the intersection of AI and offensive security