[Remote] AI Red Team Engineer
Note: The job is a remote job and is open to candidates in USA. Confidential is seeking a skilled Red Team Security Engineer to join their SOC team. The role involves simulating real-world adversary tactics to validate detection and response capabilities while conducting research into AI/LLM security risks.ResponsibilitiesDesign and execute end-to-end red team operations covering the full attack chain: reconnaissance, initial access, lateral movement, privilege escalation, and data exfiltrationReplicate APT group TTPs (e.g., Lazarus, APT41) to validate detection and incident response capabilitiesDevelop and maintain custom offensive tools, C2 frameworks, and evasion techniques to simulate advanced threatsParticipate in BAS (Breach and Attack Simulation) playbook design and execution across Windows, macOS, and Linux platformsResearch AI/LLM attack surfaces: Prompt Injection, model poisoning, adversarial examples, training data contamination, and AI Agent security risksEvaluate security risks in AI/LLM applications (RAG, MCP, Tool Use, Agentic workflows) and provide red team findingsTrack AI security research (MITRE ATLAS, OWASP LLM Top 10) and produce internal threat intelligenceCollaborate with the blue team to translate red team findings into detection rules and defensive hardeningProduce high-quality red team reports with actionable remediation recommendationsSkills3+ years of hands-on penetration testing or red team experienceProficiency with at least one mainstream C2 framework (Cobalt Strike, Sliver, Havoc, etc.)Strong vulnerability exploitation fundamentals: web (OWASP Top 10), internal network (AD attack chains), cloud environmentsFamiliar with MITRE ATT&CK framework; able to map TTPs and design corresponding attack scenariosScripting/tooling development skills (Python, Go, or PowerShell)Holds at least one major red team certification: OSCP, CRTO, CRTE (preferred)(AI Security) Understanding of LLM application architectures (RAG, Agent, MCP, Tool Use) and ability to identify attack surfaces(AI Security) Hands-on research or PoC experience with Prompt Injection, jailbreaking, or model extraction attacks(AI Security) Familiar with MITRE ATLAS framework and AI/ML threat classification(Bonus) Web3 / blockchain security background (smart contract audits, on-chain attack analysis)(Bonus) CTF experience (DEFCON CTF, GeekCon, etc.) or published vulnerability research (CVE, conference talks, technical blog)Company OverviewThis page is owned and operated by Viral Audience. It was founded in undefined, and is headquartered in Silicon Valley, California US, US, with a workforce of 51-200 employees. Its website is .