AI Red Team Security Engineer
This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for an AI Red Team Security Engineer based in the United States.
This role sits at the intersection of offensive security and artificial intelligence, focusing on identifying and exploiting vulnerabilities across modern AI-driven systems and traditional infrastructure.
You will simulate real-world adversaries to uncover weaknesses in web applications, APIs, cloud environments, and internal networks before malicious actors can exploit them.
A major part of the mission involves testing LLM-powered products, AI agents, and RAG pipelines for prompt injection, data leakage, and unsafe tool use.
You will leverage both classical penetration testing techniques and AI-augmented tooling to accelerate discovery and develop novel attack strategies.
Working closely with engineering and product teams, you will translate findings into actionable security improvements that strengthen system resilience.
The environment is fast-moving, research-driven, and highly collaborative, with a strong emphasis on innovation in adversarial AI security.
Accountabilities:
- Design and execute adversarial testing against LLMs, AI agents, and ML systems, including prompt injection, jailbreaks, model extraction, and RAG exploitation scenarios.
- Conduct full-scope penetration testing across web, API, mobile, cloud (AWS/GCP/Azure), Kubernetes, and internal enterprise environments.
- Simulate advanced persistent threat (APT) campaigns using MITRE ATT&CK frameworks and realistic attack chains.
- Identify and exploit vulnerabilities such as authentication bypasses, SSRF, IDOR, injection flaws, and cloud misconfigurations.
- Develop and use AI-augmented tools to enhance reconnaissance, payload generation, fuzzing, and exploit development.
- Assess AI safety mechanisms, guardrails, and moderation layers for bypass techniques and failure modes.
- Perform security evaluations of agentic workflows, including privilege escalation and unsafe tool execution paths.
- 7+ years of hands-on experience in penetration testing, red teaming, or offensive security roles.
- Demonstrated experience testing AI/ML systems, LLM applications, or AI APIs in adversarial contexts.
- Strong background in web application security, API security, and cloud security architectures.
- Practical experience with red team engagements and APT simulation exercises.
- Solid understanding of authentication mechanisms, common implementation flaws, and system design weaknesses.
- Working knowledge of Docker, Kubernetes, and container security principles.
- Familiarity with LLM architectures, prompt injection techniques, and OWASP LLM Top 10 risks.
- Ability to script and build security tools for automation and offensive security workflows.
- Experience leveraging LLMs as force multipliers in security testing and research.
- Preferred certifications (e.g., OSCP, OSEP, CRTO, GPEN, GWAPT) or equivalent hands-on expertise.
- Bonus: contributions to open-source security tools, CVEs, bug bounty programs, or AI security research.
- Competitive base salary range: $152,000 – $269,000 (US-based roles, depending on experience and location)
- Eligibility for additional bonus and equity compensation packages
- Fully remote or flexible work arrangements
- Comprehensive healthcare and wellness benefits (medical, dental, vision)
- Opportunity to work at the forefront of AI security and adversarial research
- High-impact role influencing product security across AI-driven systems
- Supportive environment for professional development, certifications, and research contributions.
Requirements:
Benefits:
Security pay context
Based on 1,615 disclosed Security salaries on RoleSuite, the role pays a median of $142K/year, with most offers between $114K and $180K (10th–90th percentile: $93K–$216K).
This posting lists $152K–$269K, above the $142K market median.
See the full Security salary breakdown →