[Remote] AI Red Team Security Engineer
Note: The job is a remote job and is open to candidates in USA. Ethos is a leading life insurance technology company on a mission to protect families by democratizing access to life insurance. They are seeking a skilled AI Red Team Security Engineer to join their offensive security team, where the primary responsibility will be to simulate real-world adversaries and exploit vulnerabilities across applications, cloud infrastructure, and AI/ML systems using both traditional and AI-augmented techniques.ResponsibilitiesDesign and execute adversarial attacks against large language model (LLM)-powered products including prompt injection, jailbreaking, goal hijacking, and context manipulationTest retrieval-augmented generation (RAG) pipelines for data exfiltration, poisoning, and unauthorized knowledge extractionAssess AI agent systems and agentic workflows for unsafe tool-use, privilege escalation, and indirect prompt injection via environment feedbackConduct model extraction, membership inference, and adversarial example attacks against deployed ML modelsEvaluate AI guardrails, safety filters, and content moderation layers for bypass techniquesPerform full-scope penetration tests across web applications, REST/GraphQL APIs, mobile apps (iOS/Android), cloud environments (AWS, GCP, Azure), and internal networksConduct red team exercises simulating advanced persistent threat (APT) actors using MITRE ATT&CK and AI-augmented techniquesExploit vulnerabilities across the OWASP Top 10 and beyond: SSRF, IDOR, XXE, SSTI, authentication bypasses, and logic flawsPerform social engineering and phishing simulations as part of combined red team campaignsConduct cloud and Kubernetes security assessments including IAM misconfigurations, container escapes, and privilege escalation pathsLeverage AI models and tools (e.g., LLMs, code generation, fuzzing assistants) to accelerate vulnerability discovery, payload crafting, and exploit developmentBuild or adapt AI-powered reconnaissance, exploitation, and evasion tooling for internal use in red team engagementsStay current with adversarial AI research and translate academic findings into practical red team techniquesUse AI to automate repetitive testing tasks and generate novel attack variants at scaleSkills7+ years of hands-on penetration testing and offensive security experience in a professional settingDemonstrated experience testing AI/ML systems, LLM-powered products, or AI APIsExperience conducting red team engagementsScripting and tool developmentStrong understanding of authentication protocols and common implementation flawsFamiliarity with cloud security architectures and common misconfigurationsWorking knowledge of Docker/Kubernetes and container securityUnderstanding of LLM architectures and how they relate to attack surfacesFamiliarity with OWASP LLM Top 10Practical experience with prompt injection and jailbreak techniques against LLMsAbility to use LLMs as force-multipliers in red team workflowsCertifications: OSCP, OSEP, CRTO, CRTE, PNPT, CEH, GPEN, GWAPT, or equivalentExperience with adversarial ML frameworksContributions to open-source security tooling or published CVEs / bug bounty hall-of-fame creditsFamiliarity with AI governance frameworksExperience with GenAI infrastructureBackground in threat modeling for AI-powered applicationsReverse engineering skills for binary and mobile assessmentsCTF participation or competitive hacking experienceBenefitsPlease note that the compensation details listed in US role postings reflect the base salary only and do not include applicable bonus, equity, or benefits.You can find further details of our US benefits at https://www.ethoslife.com/careers/Company OverviewEthos makes getting life insurance instant and easy. It was founded in 2016, and is headquartered in Austin, Texas, USA, with a workforce of 501-1000 employees. Its website is http://www.ethos.com.Company H1B SponsorshipEthos has a track record of offering H1B sponsorships, with 9 in 2025, 11 in 2024, 8 in 2023, 27 in 2022, 17 in 2021, 9 in 2020. Please note that this does not guarantee sponsorship for this specific role.