Offensive Security & Red Team
Engineers in this role execute offensive security assessments and red team operations across AI company infrastructure, applications, and—critically—AI-specific attack surfaces including prompt injection, model exfiltration, agent abuse, and tool-use exploitation. They combine hands-on penetration testing and adversarial simulation with custom tooling development, performing both rapid, targeted engagements and comprehensive open-scope operations that validate detection and response capabilities end-to-end. What sets this work apart is the focus on emerging AI risks: engineers assess production language models, agentic systems, and ML pipelines alongside traditional cloud, Kubernetes, and endpoint surfaces. They sit within the security function, partnering closely with defensive teams and product engineering to identify vulnerabilities early in design, then translate findings into actionable risk narratives that drive remediation and inform broader security strategy.
Skills
What companies are looking for in this role.
Planning and executing red team and purple team engagements against complex infrastructure and applications
Conducting penetration testing across web applications, APIs, mobile clients, and cloud infrastructure
Developing custom offensive tools, exploits, and automation frameworks
Conducting threat modeling sessions with engineering teams to identify attack vectors
Assessing cloud security across multiple platforms including AWS, GCP, and Azure
Simulating sophisticated adversary tactics and chaining vulnerabilities to demonstrate business impact
Researching emerging attack techniques and adversary tradecraft
Performing whitebox code review and vulnerability analysis to identify logic flaws and authorization bypasses
Evaluating Kubernetes and container security in production environments
Testing endpoint security on macOS and Linux systems
Assessing CI/CD pipeline security and supply chain integrity
Building secure-by-design systems and embedding security into development lifecycle
Developing and maintaining security tooling and hardened base configurations
Performing network penetration testing and lateral movement exploitation
Performing mobile security testing on iOS and Android platforms
Reverse engineering firmware, bootloader images, and hardware components
Testing hardware-software interactions and secure boot processes
Identifying and exploiting AI/ML-specific attack surfaces including prompt injection, model exfiltration, and agent abuse
Testing AI-integrated and LLM-powered applications for unique security vulnerabilities
Identifying novel attack surfaces in distributed AI systems and agentic workflows
Automating security testing and developing regression pipelines for vulnerability detection
Researching LLM misuse scenarios and developing forward-looking defensive strategies
Writing clear, actionable security findings for both technical and executive audiences
Collaborating with defensive security and engineering teams to validate and remediate findings
Influencing security strategy and launch criteria through attacker perspective insights
Triaging vulnerabilities and coordinating remediation across internal and external teams
Operating with technical depth as a player-coach, managing teams and individual execution
Technology
The tools and technologies that define this role.
Open Jobs
13 open Offensive Security & Red Team jobs across 10 companies.
Other Security roles
Identifies and mitigates security vulnerabilities in applications and products.
Secures cloud infrastructure, networks, and systems.
Generalist security engineering role spanning multiple security domains. For security engineers who work across application, infrastructure, and cloud security without a single dominant specialization. The default home for "Security Engineer" titles when the function is clearly Security.
Builds detection systems, investigates security incidents, and leads incident response efforts.
Designs and maintains identity infrastructure, authentication systems, and access control policies.