Ethos Life - AI Red Team Security Engineer
Upload My Resume
Drop here or click to browse · Tap to choose · PDF, DOCX, DOC, RTF, TXT
Requirements
• 7+ years of hands-on penetration testing and offensive security experience in a professional setting • Demonstrated experience testing AI/ML systems, LLM-powered products, or AI APIs • Experience conducting red team engagements • Scripting and tool development • Strong understanding of authentication protocols and common implementation flaws • Familiarity with cloud security architectures and common misconfigurations • Working knowledge of Docker/Kubernetes and container security • Understanding of LLM architectures and how they relate to attack surfaces. • Familiarity with OWASP LLM Top 10 • Practical experience with prompt injection and jailbreak techniques against LLMs • Ability to use LLMs as force-multipliers in red team workflows • Certifications: OSCP, OSEP, CRTO, CRTE, PNPT, CEH, GPEN, GWAPT, or equivalent • Experience with adversarial ML frameworks • Contributions to open-source security tooling or published CVEs / bug bounty hall-of-fame credits • Familiarity with AI governance frameworks • Experience with GenAI infrastructure • Background in threat modeling for AI-powered applications • Reverse engineering skills for binary and mobile assessments • CTF participation or competitive hacking experience • #LI-Remote #LI-MK1 • #LI-Remote #LI-MK1 • The US national base salary range for this full-time position is $152,000 - $269,000. Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. • Please note that the compensation details listed in US role postings reflect the base salary only and do not include applicable bonus, equity, or benefits. • You can find further details of our US benefits at https://www.ethoslife.com/careers/ • Don’t meet every single requirement? If you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyway. At Ethos we are dedicated to building a diverse, inclusive and authentic workplace.
Responsibilities
• AI & LLM Security Testing • Design and execute adversarial attacks against large language model (LLM)-powered products including prompt injection, jailbreaking, goal hijacking, and context manipulation. • Test retrieval-augmented generation (RAG) pipelines for data exfiltration, poisoning, and unauthorized knowledge extraction. • Assess AI agent systems and agentic workflows for unsafe tool-use, privilege escalation, and indirect prompt injection via environment feedback. • Conduct model extraction, membership inference, and adversarial example attacks against deployed ML models. • Evaluate AI guardrails, safety filters, and content moderation layers for bypass techniques. • Penetration Testing & Ethical Hacking • Perform full-scope penetration tests across web applications, REST/GraphQL APIs, mobile apps (iOS/Android), cloud environments (AWS, GCP, Azure), and internal networks. • Conduct red team exercises simulating advanced persistent threat (APT) actors using MITRE ATT&CK and AI-augmented techniques. • Exploit vulnerabilities across the OWASP Top 10 and beyond: SSRF, IDOR, XXE, SSTI, authentication bypasses, and logic flaws. • Perform social engineering and phishing simulations as part of combined red team campaigns. • Conduct cloud and Kubernetes security assessments including IAM misconfigurations, container escapes, and privilege escalation paths. • AI-Augmented Attack Operations • Leverage AI models and tools (e.g., LLMs, code generation, fuzzing assistants) to accelerate vulnerability discovery, payload crafting, and exploit development. • Build or adapt AI-powered reconnaissance, exploitation, and evasion tooling for internal use in red team engagements. • Stay current with adversarial AI research and translate academic findings into practical red team techniques. • Use AI to automate repetitive testing tasks and generate novel attack variants at scale.
No credit card. Takes 10 seconds.