Key Responsibilities:
The Red (Adversarial Simulation)
AI Red Teaming: Conduct advanced adversarial testing on Large
Language Models (LLMs) and Agentic AI workflows. Execute prompt
injections, jailbreaking, model inversion, and data poisoning attacks.
Agentic Threat Simulation: Test autonomous agents for excessive agency vulnerabilities, i.e., manipulating agents into performing unauthorized actions (e.g., executing SQL commands, escalating privileges, or leaking PII).
Automated & Manual Testing: Leverage tools like Garak, PyRIT, or
TextAttack for automated scanning, while applying manual creativity to
find logic flaws in multi-agent orchestration.
Chain-of-Thought Exploitation: Analyze and exploit flaws in the
reasoning loops of autonomous agents (e.g., LangChain or AutoGen
workflows).
The Blue (Defense & Engineering)
Guardrail Engineering: Design and implement input/output filters using
tools like NVIDIA NeMo Guardrails, Llama Guard, or Lakera.
Identity & Access Control: Architect Non-Human Identity policies for AI
agents, ensuring they adhere to Least Privilege (e.g., preventing an
agent from deleting DB records).
Detection Engineering: Build monitoring pipelines to detect real-time
attacks (e.g., identifying a DAN attack pattern in live chat logs) and
automate response triggers.
Remediation: Don't just report bugs, fix them. Rewrite system prompts to be robust against social engineering and re-architect RAG pipelines to prevent data leakage.
The FDE (Client Engagement)
Embedded Problem Solving: Work on-site with client engineering
teams to understand their specific business logic and deploy secure AI
architectures.
Threat Modeling: Lead workshops to map the Blast Radius of a client's
AI agents (i.e., if this agent is compromised, what can it destroy).
Requirements
Skills and Qualifications:
Experience: 5+ years in Cybersecurity, with at least 2 years focused on
Application Security, Penetration Testing, or ML Security.
AI/ML Depth: Deep understanding of LLM architectures (Transformers,
RAG, Fine-tuning). You understand how a model thinks and where it
hallucinates.
Technical Stack:
Languages: Proficient in Python (mandatory for building custom attack
scripts and harness).
AI Frameworks: Experience with LangChain, Semantic Kernel, or
Bedrock.
Security Tools: Burp Suite, OWASP ZAP, plus AI-specific tools (Garak,
PyRIT).
Offensive Mindset: Proven ability to think like an adversary (e.g., CVEs,
Bug Bounties, or CTF wins).
Defensive Engineering: Experience implementing WAFs, API Gateways, or IAM policies (OAuth, OIDC).
Benefits
What We Offer:
Competitive salary and benefits package.
Opportunities for professional growth and advancement.
Exposure to cutting-edge technologies and projects.
A collaborative and supportive work environment.
Job ID: 144719115