Senior Application Security Tester & AI Red Team Subject Matter Expert
USD 150K-187K (estimate) Senior-level Full Time
Tasks
- Assess RAG and vector store security
- Build AI red team methodology and tooling
- Conduct REST and GraphQL API testing
- Design evaluation harnesses for LLM systems
- Evaluate agent tool use and excessive agency
- Execute API penetration tests
- Lead web application penetration tests
- Map findings to OWASP and MITRE frameworks
- Mentor engineers and OSOC analysts
- Perform AI red team assessments
- Report findings to client security leadership
- Represent firm externally with technical thought leadership
- Review client code and configurations
- Test LLM prompt injection and jailbreaks
- Test session management and secrets handling
- Validate authentication and authorization flows
Perks/Benefits
Skills/Tech-stack
AI Risk Management Framework | API Security | Application Security | Application penetration testing | Authentication bypass | Authorization bypass | Bash | BloodHound | Burp Suite | Business Logic | Business logic testing | Crew Orchestration | CrewAI | Cross-Site Scripting | Data poisoning | Denial of Service | Deserialization Attacks | Garak | Giskard | GraphQL | Input validation | Insecure Output Handling | JSON Web Token | Jailbreaks | JavaScript | LLM security | Langchain | Llamaindex | Logic testing | MCP | MITRE ATLAS | Management Framework | Metasploit | Model Denial of Service | Multi-Factor | Multi-Factor Authentication | Mutual TLS | NIST AI | NIST AI Risk | NIST AI Risk Management | NIST AI Risk Management Framework | Nmap | Nuclei | OAuth 2.0 | OWASP ZAP | Offensive security | OpenID Connect | PGVector | Penetration Testing | Pinecone | Postman | Powershell | Prompt injection | Promptfoo | Prototype Pollution | Pyrit | Python | RAG Security | REST | Request Smuggling | Risk Management Framework | SAML | SQL Injection | Server Side | Server Side Request Forgery | Session management | Store Security | Supply Chain | Supply chain security | Threat modeling | Training data | Training data poisoning | TypeScript | Vector Databases | Vector Store | Vector Store Security | Weaviate | Web Application | Web application security
Education
N/A