AI Penetration Testing Expert
Alignerr · United States · 4 days ago
RemoteRemoteQuality AssuranceContract
What You'll Do
- C Conduct penetration tests against AI-powered applications, APIs, and infrastructure to uncover security vulnerabilities
- B Identify and exploit weaknesses in AI/ML pipelines, including prompt injection, model manipulation, data poisoning vectors, and authentication flaws
- C Perform web application, network, and API security assessments using industry-standard tools and methodologies
- D Simulate real-world attack scenarios — from reconnaissance through exploitation and post-exploitation
- E Document findings in clear, structured reports with severity ratings, evidence, and actionable remediation guidance
- F Evaluate AI-specific attack surfaces including adversarial inputs, jailbreaks, and data exfiltration risks
- G Stay current with emerging AI security threats and contribute insights to improve testing methodologies
- H Work independently on task-based engagements on your own schedule
Who You Are
- A Experienced penetration tester with a strong understanding of offensive security principles and methodologies (OWASP, PTES, MITRE ATT&CK)
- B Proficient with industry-standard tools such as Burp Suite, Metasploit, Nmap, Kali Linux, or equivalent
- C Solid understanding of web application security, network security, and API security testing
- D Able to think like an attacker — creative, persistent, and methodical in finding what others miss
- E Strong written communication skills — you can translate complex technical findings into clear, actionable reports
- F Self-motivated and reliable when working independently without direct supervision
- G Comfortable working across diverse technology stacks and environments
Nice to Have
- A Relevant certifications such as OSCP, OSCE, CEH, GPEN, GXPN, or eWPT
- B Experience with AI/ML security testing — adversarial machine learning, prompt injection, LLM red-teaming
- C Background in red teaming, bug bounty programs, or CTF competitions
- D Familiarity with cloud security (AWS, GCP, Azure) and container security
- E Programming or scripting skills in Python, Bash, PowerShell, or similar
- F Knowledge of secure development practices and DevSecOps workflows
- G Experience conducting security assessments in compliance-driven environments (SOC 2, ISO 27001, etc.)