San Francisco, California, United States Remote (Global) Full-time USD 275,000 – 300,000 / year

Current openings at Postman is hiring a Principal Offensive Security Engineer

Responsibilities

  • Develop and implement a long-term offensive security strategy that aligns red and purple team initiatives with business goals and emerging threats.
  • Establish and grow a specialized offensive security function dedicated to AI/ML systems, including adversarial testing of large language models, agent workflows, RAG pipelines, and model-serving environments.
  • Monitor and apply advancements in AI-specific threat intelligence from sources like OWASP LLM Top 10 and MITRE ATLAS to improve internal red team operations and detection strategies.
  • Conduct in-depth adversarial campaigns targeting AI deployments, focusing on prompt injection, tool misuse, data leakage, training data poisoning, and trust boundary exploits.
  • Create and deploy AI-powered penetration testing tools and autonomous agents for ongoing security validation across the API ecosystem.
  • Shift from manual penetration testing to continuous offensive security by embedding automated breach and attack simulation into CI/CD and AI model deployment processes.
  • Lead, mentor, and scale a team of offensive security engineers, including specialists in AI red teaming, with a focus on career growth and leadership development.
  • Recruit top-tier talent at the intersection of offensive security and artificial intelligence, while building internal pathways for engineers to transition into AI-focused roles.
  • Deliver live demonstrations of exploit techniques to engineering teams, making AI-related vulnerabilities understandable and actionable for non-specialists.
  • Convert technical findings into clear, business-relevant risk assessments for executives, boards, and external partners.
  • Collaborate with governance, risk, and compliance teams to provide audit evidence and support compliance with AI-specific standards such as ISO 42001.
  • Serve as a senior technical advisor across security and engineering functions, ensuring offensive insights lead to measurable improvements in system resilience and detection capabilities.

Compensation

The estimated base salary ranges from $275,000 to $300,000, with an additional competitive equity package. Final compensation is determined by the candidate's skills, experience, and qualifications.

Work Arrangement

Remote (Worldwide) — San Francisco, Boston, New York, Austin, Tokyo, London, Bangalore

About company
Current openings at Postman
Interested in working at Postman? Learn about who we are, what we do, how we do it and get a list of our job openings.
All jobs at Current openings at Postman Visit website
Job Details
Department Information Security
Category security
Posted 3 hours ago