Jobs · Engineering

Staff Attack Engineer, AI/LLM

Horizon3.ai · United States · 1 wk ago
RemoteRemoteEngineering$223k–$275k/yrFull-time

About the role

We are hiring a Staff Attack Engineer specializing in AI/LLM security to join our team. You will break AI and agentic systems and turn that research into automated attacks inside NodeZero, our autonomous pentesting platform.

Essential Functions

  • Attacking AI/LLM Systems
    • BREAK AI and agentic systems and translate that research into automated, repeatable attack modules for NodeZero.
    • DESIGN AND EXECUTE PROMPT INJECTION AND DEFENSE EVASION ATTACKS, FOCUSING ON GENERALIZED, REUSABLE PATTERNS.
    • CONDUCT TOOL-US EXPLOITATION, ABUSING LLM AGENTS' ACCESS TO CODE, FILE SYSTEMS, APIs, AND DATABASES FOR ATTACKER-REALISTIC OUTCOMES (E.G., CONTEXT POISONING, RCE, DATA EXFILTRATION, PRIVILEGE ESCALATION).
    • TARGET AI INFRASTRUCTURE (MODEL SERVING, TRAINING PIPELINES, VECTOR DATABASES, GPU/MLOPS TOOLING) WITH AN UNDERSTANDING OF REAL-WORLD ENTERPRISE DEPLOYMENTS AND MISCONFIGURATIONS.
    • RESEARCH AND APPLY MODEL AND SUPPLY CHAIN ATTACKS (POISONING, TRAINING DATA EXTRACTION, ADVERSARIAL INPUTS, DEPLOYMENT PIPELINE ABUSE).
    • PERFORM THREAT MODELING FOR AGENTIC SYSTEMS, MAPPING TRUST BOUNDARIES AND ATTACK SURFACES AND TURNING THEM INTO CONCRETE ATTACK PATHS.
    • APPLY A STRONG PRODUCTIZATION MINDSET, TURNING MANUAL TECHNIQUES INTO SAFE, RELIABLE, AND SCALABLE AUTOMATED TOOLING.
  • BUILD WITH LLMs
    • BUILD AND EXTEND LLM-Powered APPLICATIONS (PROMPTING, STRUCTURED OUTPUT, AGENTIC WORKFLOWS).
    • DESIGN WITH PRODUCTION CONCERNS IN MIND: COST, SAFETY AND HALLUCINATION GUARDRAILS, RELIABILITY, AND OBSERVABILITY.
    • DESIGN AND EXTEND MICROSERVICES THAT ORCHESTRATE LLM TASKS AND INTEGRATE WITH NODEZERO AND RELATED OFFENSIVE WORKFLOWS.

Competencies / Requirements

  • Expert-level Python and software engineering skills.
  • Solid penetration testing fundamentals and understanding of common attack chains.
  • Familiarity with AI/LLM security frameworks (e.g., OWASP Top 10 for LLMs, MITRE ATLAS).
  • Experience in a security product or offensive security team, ideally with shipped offensive capabilities or tooling.
  • Proven ability to break AI/LLM and agentic systems.
  • CLEAR UNDERSTANDING OF TRUST BOUNDARIES AROUND AI TOOLS, DATA SOURCES, AND PERMISSIONS, AND HOW TO SYSTEMATICALLY TEST AND EXPLOIT THEM.
  • EXPERT-LEVEL OWNERSHIP – DRIVES HIGH-COMPLEXITY, HIGH-RISK PROGRAMS AND SETS STRATEGY, NOT JUST EXECUTION.
  • SELF-MOTIVATED – IDENTIFIES PROBLEMS AND BUILDS SOLUTIONS PROACTIVELY.
  • INDUSTRY OBESESSED – TRACKS THE FAST-MOVING AI SECURITY LANDSCAPE AND CAN SPEAK TO RECENT DEVELOPMENTS, NEW ATTACKS, AND WHERE THE FIELD IS HEADIN.

Nice-to-Have Experience

  • With other cloud AI services (e.g., Azure OpenAI, GCP Vertex AI).
  • Contributions to AI security research (blog posts, conference talks, CVEs, open-source tools).
  • Experience with AWS Bedrock and AWS Agent Core.
  • Familiarity with graph databases (e.g., Neo4j).
  • Background in traditional exploit development or vulnerability research.
  • CTF experience, particularly in AI/ML-focused challenge categories.

Perks of Horizon3.ai

  • Inclusive Team: We value diversity and promote an inclusive culture where everyone can thrive.
  • Growth Opportunities: Be part of a dynamic and growing team with numerous career development opportunities.
  • Innovative Culture: Work in a collaborative environment that encourages creativity and out-of-the-box thinking.
  • Remote Work: We are a 100% remote company. Enjoy the convenience and work-life balance that comes with remote work.
  • Competitive Compensation: We offer competitive salary, equity and benefits. Our benefits include health, vision & dental insurance for you and your family, a flexible vacation policy, and generous parental leave.

Compensation And Values

We are committed to fostering an environment where all employees feel valued, respected, and rewarded for their contributions. Our compensation structure is designed to be fair, competitive, and transparent, ensuring that every team member is recognized and compensated equitably across roles, levels, and locations.

Other Duties

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Duties, responsibilities, and activities may change at any time with or without notice.

Similar jobs

Staff AI Security Engineer

Spring HealthSeattle, WA· 2 wk ago
Information Technology$208k–$251k/yrapply on job-boards.greenhouse.io