Skip to content
PindropPindropUnited States

Senior Security Engineer

Senior Security Engineer on the Red Team performing offensive security, adversarial testing, and red team operations against GenAI/LLM systems, deepfake defenses, cloud infrastructure, and SaaS products. Requires 3+ years of hands-on pen testing/red team experience plus demonstrable GenAI attack experience.

140k – 165k
Remote3+ YOESecurity Engineering

About the role

What you’ll do

  • Design and execute red team operations against Pindrop’s GenAI systems, LLM pipelines, RAG architectures, autonomous agents, APIs, SaaS products, and cloud environments, simulating real-world attacks across both traditional and AI-specific attack surfaces.
  • Conduct adversarial testing focused on prompt injection, indirect prompt attacks, jailbreaking, model extraction, training-data poisoning, data leakage, inference abuse, and unauthorized output manipulation.
  • Use deepfake generation, voice synthesis, and related spoofing techniques to test and attempt to defeat Pindrop’s voice authentication and deepfake detection capabilities, helping identify model robustness and detection gaps.
  • Develop novel attack chains that combine GenAI vulnerabilities with infrastructure, application, identity, and API weaknesses to create realistic end-to-end threat scenarios.
  • Plan and execute full-scope penetration tests and support bug bounty efforts across Pindrop’s web applications, APIs, SaaS products, and AWS/GCP environments using commercial and open-source offensive tooling.
  • Perform architecture reviews, security code reviews, and threat modeling with emphasis on vulnerabilities introduced by AI/ML components, model integrations, and LLM-facing services.
  • Build automation for offensive security workflows, testing, compliance checks, alerting, and reporting using Python or similar scripting languages, including AI-native attack tooling where useful.
  • Partner closely with SecOps and security engineering to improve detections, tune response workflows, and translate red team findings into practical remediation and defensive improvements.
  • Stay current on GenAI security research, adversarial ML techniques, evolving threat intelligence, and relevant regulatory developments, then apply those insights to Pindrop’s security program.

Who you are

  • Adversarial thinker who approaches security from an attacker’s perspective with creativity, rigor, and curiosity.
  • Genuine hands-on experience attacking AI systems.
  • Continuously look for automation and AI-powered efficiencies in offensive security workflows.
  • Communicate clearly and translate technical findings into prioritized, actionable guidance for technical and executive audiences.
  • Work independently in ambiguous, fast-moving environments with minimal supervision.
  • Resilient, optimistic, accountable, and adaptable.

Your skill-set

Must-haves

  • 3+ years of hands-on penetration testing and red team experience across SaaS applications, cloud infrastructure, APIs, and web applications.
  • Demonstrable experience attacking GenAI or LLM-based systems, including prompt injection, jailbreaking, indirect prompt attacks, model extraction, or adversarial input generation.
  • Hands-on experience with deepfake tools, voice synthesis, or audio/visual spoofing technologies in an offensive or research context.
  • Strong proficiency with offensive security tooling such as Burp Suite, OWASP ZAP, Nmap, Metasploit, Cobalt Strike, or equivalent frameworks.
  • Experience configuring and operating SAST and DAST tools and integrating them into CI/CD pipelines.
  • Proficiency in at least one scripting or programming language, with Python strongly preferred, for custom attack tooling and workflow automation.
  • Familiarity with AI-specialized security tools or frameworks such as Garak, PyRIT, Claude Security, or similar adversarial ML tooling.
  • Strong understanding of cloud security architecture, container security, API security, and common security standards including ISO 27001/27002, NIST, CIS, PCI DSS, OWASP, and SOC 2.

Nice-to-haves

  • Prior software development or secure architecture experience, including the ability to reason about production code across multiple languages.
  • Research, publication, or deep practitioner background in adversarial machine learning, LLM security, or voice/audio deepfake detection.
  • Relevant certifications such as OSCP, GPEN, GWAPT, GXPN, CEH, or equivalent.
  • Prior experience in voice biometrics, AI security, fraud prevention, or similarly high-risk product environments.

What we offer

  • Competitive compensation package, including RSUs (Restricted Stock Units) for all employees.
  • Remote-first environment.
  • Unlimited Paid Time Off (PTO).
  • Generous health and welfare plans including employer-paid “employee-only” plan, HSA contribution, low-cost vision and dental.
  • Paid Parental Leave.
  • One year of diaper delivery for new additions.
  • Recurring monthly phone and internet allowance.
  • Enhanced fertility and GLP-1 benefits.
  • Annual Learning & Development stipend.

Skills

Penetration TestingRed Team OperationsPrompt InjectionJailbreakingModel ExtractionDeepfake GenerationVoice SynthesisBurp SuiteMetasploitCobalt StrikePythonGarakPyritAWSGCP
Ontic

Senior AI Security Engineer

OnticUnited States

Lead development of AI security controls, governance frameworks, and risk management practices. Conduct assessments, implement guardrails, and ensure responsible AI deployment across the organization.

140k – 160k
Remote5+ YOESecurity Engineering
Govsignals

Compliance Operations Lead

GovsignalsNew York, NY

Leads end-to-end compliance program for FedRAMP High, IL5, CMMC Level 2, and SOC 2 at a high-growth govtech startup. Automates evidence collection, partners with engineering on secure-by-design practices, and supports sales with customer trust narratives. Requires 3+ years in startup compliance with high-impact authorizations.

140k – 190k
Hybrid3+ YOESecurity Engineering
Cerebras Systems

Distributed Systems Cluster Security Software – Engineering Lead

Cerebras SystemsSunnyvale, CA

Leads engineering for security in large-scale AI clusters with hundreds of wafer-scale accelerators and thousands of servers. Requires 3+ years leadership in distributed systems security, strong Kubernetes and networking expertise, and building secure multi-tenant solutions.

140k – 240k
On-siteSecurity Engineering
Teleport

Senior Software Engineer, Security

TeleportUnited States

Senior Software Engineer building security features for Teleport's access platform, focusing on cryptography, networking, automation, AI agents, and detection/response using Go/Rust. Contributes to open-source code reviews, vulnerability hunting, and hardening defenses.

138k – 342k
RemoteSecurity Engineering
Lyft

Senior Security Engineer, Corporate Security

LyftSeattle, WA

Builds secure processes and systems for corporate security, partnering cross-functionally to enable safe operations. Requires 5+ years engineering experience with Python/Go, databases, networking protocols, and security systems.

136k – 170k
Hybrid5+ YOESecurity Engineering