Job Title: Senior Offensive Security Engineer - Web & AI Systems
Location: Mountain View, CA (Hybrid- 4 days onsite)
Duration: 12 Months
 
Team: MPS:DQI
 
About the Role

• We are looking for a Senior Offensive Security Engineer to proactively identify, exploit, and help eliminate security weaknesses across our web platforms and AI/ML systems. In this role, you will think like an attacker, operate with engineering rigor, and work closely with product, platform, and AI teams to raise the security bar across the organization.
• You will lead complex penetration tests, design novel attack techniques for web and modern AI-powered applications, and influence secure-by-design architecture at scale.

Responsibilities

• Conduct offensive security assessments on large-scale web applications, REST APIs, and cloud-backed services.
• Identify and validate vulnerabilities including injection flaws, access control issues, authentication/authorization weaknesses, SSRF, deserialization, and logic bugs.
• Evaluate LLM-based systems and AI agents for prompt injection, data exfiltration, model abuse and jailbreaks
• Design and execute red team–style engagements simulating real-world adversaries.
• Develop custom exploitation tools, PoCs, and fuzzers for web and AI attack surfaces.
• Identify systemic security weaknesses and collaborate with engineering teams to drive long-term mitigations.
• Review architectures and designs for new products with an attacker mindset.
• Produce clear, actionable security reports and present findings to technical and executive stakeholders.

Minimum Qualifications

• Master’s degree in Computer Science, Computer Engineering, Information Security, or a closely related technical field.
• Doctorate (PhD) in a relevant field is a plus but not required.
• 5+ years of experience in offensive security, penetration testing, or red teaming.
• Deep expertise in web application security.
• Strong understanding of API security.
• Hands-on experience testing AI/ML or LLM-based systems, or strong motivation with demonstrated research in this area.
• Proficiency in at least one scripting or programming language (Python, Go, JavaScript, or similar).
• Strong knowledge of common exploitation techniques and attacker tooling.

Preferred Qualifications

• Prior work on adversarial ML, red-teaming AI systems, or secure LLM pipeline design.
• Experience with cloud security (AWS, GCP, Azure) and containerized environments.
• Background in security research, published CVEs, CTF experience, blog posts, or conference talks.
• OSCP, OSEP, OSWE, CRTO, or similar.

 
 
At SPECTRAFORCE, we are committed to maintaining a workplace that ensures fair compensation and wage transparency in adherence with all applicable state and local laws. This position’s starting pay is: $ 90.00/hr.