AI Red Tester/Pen Tester/Ethical Hacker
Ref number: RedAI23 Job discipline: Applications Development Job type: Contract (Consulting) Location: Remote Zip: 07932 Compensation: open AI Red Tester/Pen Tester/Ethical Hacker GISG (Global Information Security Group) is one of five domains within our client’s Global Technology & Knowledge group. GISG provides information protection and technology infrastructure and services that secure their technology environment and connects its network of member firms. GISG works with the other GT&K domains to ensure that appropriate security controls are in place for technology solutions. GISG is responsible for:
- Developing and implementing global security strategies
- Overseeing security architecture and enablement
- Delivering regional security services
- Supporting secure digital transformation initiatives
- Collaborating with member firms to ensure consistent security standards
ROLE SUMMARY The Global Red Team Tester will conduct testing of AI models to find vulnerabilities, develop new evaluation frameworks, communicate risks to stakeholders across the global teams and the network of member firms, collaborate with defensive and development teams, and mentor junior team members. KEY ACCOUNTABILITIES % of time Accountability
- 10 Design and execute comprehensive adversarial testing campaigns against AI models, including but not limited to large language models, multimodal systems, and autonomous agents.
- 10 Research attack vectors and prompt injection techniques to identify model vulnerabilities, jailbreaks, and unintended behaviors. Evaluate and introduce AI Security tools that decrease mean time to detect and respond to AI-specific threats.
- 50 Conduct red team exercises simulating real-world deployment scenarios and edge cases. Systematically probe for bias, toxicity, misinformation generation, and other harmful outputs across diverse contexts and demographics. Improve firm’s security posture against emerging AI threats. Concentration is on executing standardized security tests.
- 10 Create adversarial datasets and benchmarks to evaluate model robustness under various attack conditions.
- 10 Collaborate with security teams (e.g., GSOC, member firm security teams, developers) to perform red teaming activities, and document and present findings, vulnerabilities, and remediation recommendations to drive the mitigation of identified risks.
- 10 Develop and maintain process documentation, create reports on testing activities, track operational metrics, and perform other programmatic tasks as required to support the AI Red Team's function.
REQUIREMENTS
- Minimum 5 years of penetration testing or red team operations experience.
- Computer science, information technology, or cybersecurity degree (Bachelor's or higher preferred) from an accredited college or university or equivalent work experience.
- Background in AI red teaming, web application pentration testing, application/network penetration testing, red team operations, or cyber security.
- Familiarity with threat intelligence. Understanding of Artificial Intelligence, Machine Learning, software applications, cloud computing, and networking.
- Excellent communication and stakeholder management skills. Ability to work effectively across geographies and time zones.
CORE TECHNICAL SKILLS INCLUDE
- Testing tools: SPLX, Garak, TextAttack, PyRIT, Burp Suite, Metasploit, Nessus, Cobalt Strike/Mythic/C2, NMAP, sqlmap, or similar tools (familiar with some of these tools or similar)
- Web application technologies and layer 7 protocols (HTTP, DNS, FTP)
- Technical experience in Generative AI, Agents, A2A, and/or MCP
- Programming languages: Python, Ruby, Go, PowerShell, bash or similar (familiar with some of these languages or similar)
- Certifications: OSCP, GPEN, GPXN, AI Red Teamer Job Role Path (HackTheBox), AISEC+, or other industry AI or Red Team related certifications desired
Apply tot his job Apply To this Job