
AI Red Team Security Engineer

Ethos Life
United States | Remote | 3d ago

About the role

<div class="content-intro"><h3><strong>About Ethos</strong></h3> <p>Ethos is a leading life insurance technology company on a mission to protect families by democratizing access to life insurance and empowering agents at scale. With its robust three-sided technology platform, Ethos is transforming the life insurance experience for consumers, agents, and carriers alike. Ethos offers instant, accessible products and a seamless online process that requires no medical exams and just a few health questions; it eliminates traditional barriers, making it easier than ever for everyone to protect their families. Ethos is redefining how life insurance is bought, sold, and underwritten.</p></div><p><span style="font-size: 12pt;"><strong>About the role</strong></span></p> <p><span style="font-size: 12pt;">We are looking for a skilled and creative AI Red Team Engineer to join our offensive security team. In this role, you will simulate real-world adversaries, exploit vulnerabilities across applications, cloud infrastructure, and AI/ML systems using both traditional penetration testing techniques and cutting-edge AI-augmented attack tooling.</span></p> <p><span style="font-size: 12pt;">You will operate across the full attack surface: web apps, APIs, mobile, internal networks, and AI-powered products including LLM pipelines, model APIs, agents, and RAG systems. 
You will help us find the flaws before the adversaries do, and work closely with engineering and product teams to close those gaps.</span></p> <h2><span style="font-size: 12pt;"><strong>Duties and Responsibilities:</strong></span></h2> <h2><span style="font-size: 12pt;"><strong>AI &amp; LLM Security Testing</strong></span></h2> <ul> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Design and execute adversarial attacks against large language model (LLM)-powered products including prompt injection, jailbreaking, goal hijacking, and context manipulation.</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Test retrieval-augmented generation (RAG) pipelines for data exfiltration, poisoning, and unauthorized knowledge extraction.</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Assess AI agent systems and agentic workflows for unsafe tool-use, privilege escalation, and indirect prompt injection via environment feedback.</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Conduct model extraction, membership inference, and adversarial example attacks against deployed ML models.</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Evaluate AI guardrails, safety filters, and content moderation layers for bypass techniques.</span></li> </ul> <h2><span style="font-size: 12pt;"><strong>Penetration Testing &amp; Ethical Hacking</strong></span></h2> <ul> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Perform full-scope penetration tests across web applications, REST/GraphQL APIs, mobile apps (iOS/Android), cloud environments (AWS, GCP, Azure), and internal networks.</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Conduct red team exercises simulating advanced persistent threat (APT) actors using MITRE ATT&amp;CK and AI-augmented techniques.</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Exploit vulnerabilities across the 
OWASP Top 10 and beyond: SSRF, IDOR, XXE, SSTI, authentication bypasses, and logic flaws.</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Perform social engineering and phishing simulations as part of combined red team campaigns.</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Conduct cloud and Kubernetes security assessments including IAM misconfigurations, container escapes, and privilege escalation paths.</span></li> </ul> <h2><span style="font-size: 12pt;"><strong>AI-Augmented Attack Operations</strong></span></h2> <ul> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Leverage AI models and tools (e.g., LLMs, code generation, fuzzing assistants) to accelerate vulnerability discovery, payload crafting, and exploit development.</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Build or adapt AI-powered reconnaissance, exploitation, and evasion tooling for internal use in red team engagements.</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Stay current with adversarial AI research and translate academic findings into practical red team techniques.</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Use AI to automate repetitive testing tasks and generate novel attack variants at scale.</span></li> </ul> <p><span style="font-size: 12pt;"><strong>Qualifications and Skills:</strong></span></p> <ul> <li style="font-size: 12pt;"><span style="font-size: 12pt;">7+ years of hands-on penetration testing and offensive security experience in a professional setting</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Demonstrated experience testing AI/ML systems, LLM-powered products, or AI APIs</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Experience conducting red team engagements</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Scripting and tool development</span></li> <li 
style="font-size: 12pt;"><span style="font-size: 12pt;">Strong understanding of authentication protocols and common implementation flaws</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Familiarity with cloud security architectures and common misconfigurations</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Working knowledge of Docker/Kubernetes and container security</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Understanding of LLM architectures and how they relate to attack surfaces.</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Familiarity with OWASP LLM Top 10&nbsp;</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Practical experience with prompt injection and jailbreak techniques against LLMs</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Ability to use LLMs as force-multipliers in red team workflows</span></li> </ul> <h3><span style="font-size: 12pt;"><strong>Preferred Qualifications</strong></span></h3> <ul> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Certifications: OSCP, OSEP, CRTO, CRTE, PNPT, CEH, GPEN, GWAPT, or equivalent</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Experience with adversarial ML frameworks</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Contributions to open-source security tooling or published CVEs / bug bounty hall-of-fame credits</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Familiarity with AI governance frameworks</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Experience with GenAI infrastructure</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Background in threat modeling for AI-powered applications</span></li> <li style="font-size: 12pt;"><span style="font-size: 12pt;">Reverse engineering skills for binary and mobile assessments</span></li> 
<li style="font-size: 12pt;"><span style="font-size: 12pt;">CTF participation or competitive hacking experience</span></li> </ul> <p><span style="font-size: 12pt;"><strong>#LI-Remote #LI-MK1</strong></span></p> <p><span style="font-size: 12pt;">The US national base salary range for this full-time position is $152,000 - $269,000. Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training.&nbsp;</span></p> <p><span style="font-size: 12pt;">Please note that the compensation details listed in US role postings reflect the base salary only and do not include applicable bonus, equity, or benefits.&nbsp;</span></p> <p><span style="font-size: 12pt;">You can find further details of our US benefits at https://www.ethoslife.com/careers/</span></p><div class="content-conclusion"><p>Don’t meet every single requirement? If you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyway. At Ethos we are dedicated to building a diverse, inclusive and authentic workplace.</p> <p>We are an equal opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. 
Pursuant to the SF Fair Chance Ordinance, we will consider employment for qualified applicants with arrests and conviction records.</p> <p>To learn more about what information we collect and how it may be used, please refer to our&nbsp;<a href="https://res.cloudinary.com/getethos/image/upload/v1684458868/00_CMS/CURRENT_CRPA_Privacy_Notice_for_Job_Applicants_05-23.docx_-_Google_Docs_lr4j43.pdf" target="_blank" data-saferedirecturl="https://www.google.com/url?q=https://res.cloudinary.com/getethos/image/upload/v1684458868/00_CMS/CURRENT_CRPA_Privacy_Notice_for_Job_Applicants_05-23.docx_-_Google_Docs_lr4j43.pdf&amp;source=gmail&amp;ust=1684616836493000&amp;usg=AOvVaw2BlajerdOWoHawb8unUdI4">California Candidate&nbsp;Privacy Notice</a>.</p> <p><em><strong>Recruitment Notice: Please be aware of recruitment scams. All legitimate communication from our team will only come from email addresses ending in @ethos.com or @getethos.com.<br>We will never ask for payment, banking details, or sensitive personal information during the hiring process. If you are contacted by someone claiming to represent us from a different email address, please treat it as fraudulent.</strong></em></p></div>

Perks & benefits

  • Equity Compensation
