Requirements
- 7+ years of hands-on penetration testing and offensive security experience in a professional setting
- Demonstrated experience testing AI/ML systems, LLM-powered products, or AI APIs
- Experience conducting red team engagements
- Scripting and tool development
- Strong understanding of authentication protocols and common implementation flaws
- Familiarity with cloud security architectures and common misconfigurations
- Working knowledge of Docker/Kubernetes and container security
- Understanding of LLM architectures and how they relate to attack surfaces.
- Familiarity with OWASP LLM Top 10
- Practical experience with prompt injection and jailbreak techniques against LLMs
- Ability to use LLMs as force-multipliers in red team workflows
Nice to Have
- Certifications: OSCP, OSEP, CRTO, CRTE, PNPT, CEH, GPEN, GWAPT, or equivalent
- Experience with adversarial ML frameworks
- Contributions to open-source security tooling or published CVEs / bug bounty hall-of-fame credits
- Familiarity with AI governance frameworks
- Experience with GenAI infrastructure
- Background in threat modeling for AI-powered applications
- Reverse engineering skills for binary and mobile assessments
- CTF participation or competitive hacking experience