AI/LLM Penetration Tester

Bishop Fox
Tempe, United States of America
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Remote
Tempe, United States of America

Tech stack

Java
JavaScript
API
Artificial Intelligence
Amazon Web Services (AWS)
Business Logic
Software System Penetration Testing
User Authentication
Azure
Cloud Computing
Cloud Engineering
Code Review
Computer Security
Computer Programming
Information Leak Prevention
Python
Machine Learning
Open Web Application Security
Process Driven Development
Systems Development Life Cycle
Red Team (Cyber Security)
Web Application Security
Software Engineering
Scripting (Bash/Python/Go/Ruby)
Large Language Models
Software Security
GWAPT
AI Platforms
Kubernetes
Information Technology
Virtual Agents

Requirements

  • 5+ years of offensive security experience performing penetration tests, red team engagements, or application security assessments

  • Experience assessing AI/LLM-powered applications for vulnerabilities such as:

  • Prompt injection
  • Jailbreak techniques
  • Indirect prompt injection
  • Data leakage and sensitive information disclosure
  • Insecure tool/function calling
  • Agentic AI abuse
  • Model misuse and unsafe output generation
  • Understanding of modern AI architectures, including:
  • Experience performing manual application security testing beyond automated scanning

  • Strong understanding of web application security fundamentals, including the OWASP Top 10 Web, Agentic, and LLM Applications.

  • Experience reviewing AI application architectures and identifying security weaknesses across APIs, cloud infrastructure, and application logic

  • Experience performing source code review and dynamic testing

  • Familiarity with cloud platforms (AWS, Azure, or GCP) and securing AI workloads

  • Scripting or programming experience in Python, JavaScript Go, Java, or similar languages

  • Familiarity withLLM application and agent-orchestration frameworks, inference provider APIs, external capability integration for models, and open sourcetooling across commercial and self-hosted ecosystems.

  • Knowledge of authentication, authorization, networking, APIs, and secure software development practices

  • Excellent written and verbal communication skills, including presenting findings to technical and executive audiences

  • Ability to mentor teammates and contribute to internal research, tooling, and methodology development

  • OSCP, OSEP, GWAPT, GPEN, GXPN, or other relevant certifications are helpful but not required

  • Bachelor's degree in Computer Science, Cybersecurity, or a related technical field is a plus

What Sets You Apart

  • Experience conducting AI red team exercises against production or pre-production AI systems

  • Research into emerging AI attack techniques or contributions to the offensive security community

  • Experience building or securing AI agents and autonomous workflows

  • Knowledge of adversarial machine learning concepts and model security

  • Experience with cloud-native AI platforms such as Azure OpenAI, Amazon Bedrock, or Google Vertex AI

  • Familiarity with AIsoftware development lifecycle (AI SDLC) and AI governance frameworks

About the company

For more than two decades, Bishop Fox has defined the forefront of offensive security. By combining elite human expertise with the power of its proprietary Cosmos AI engine, the firm delivers industry-leading cloud and application security services, including AI-powered penetration testing and AI/LLM security assessments that reflect real-world attacker behavior. Renowned for its innovation and contributions to the open-source community through flagship tools like Sliver and AIMap, Bishop Fox has released 25+ tools and 75+ advisories in the last 10 years. As a trusted partner to the world's most recognizable brands, Bishop Fox protects 26 of the Fortune 100, eight of the top 10 global tech companies, all of the top five global media companies, 10 of the top 20 retailers and 7 of the top 10 manufacturers. A consistent market leader, Bishop Fox has been recognized as a Leader and 'Fast Mover' in the GigaOm Radar for Attack Surface Management for five consecutive years. With a 70 NPS rating, the firm remains the trusted partner for organizations seeking to stay ahead of the evolving threat landscape. Learn more at bishopfox.com. We are now hiring a SeniorAI/LLM Security Consultant to help clients stay ahead of emerging AI threats by conducting cutting-edge security assessments of large language models, AI agents, and AI-powered applications., Why Bishop Fox At Bishop Fox, we're driven by a simple mission: deliver exceptional quality to our clients, foster a vibrant and fulfilling environment for our team, and champion excellence within our industry. Our core values, which we live by every day, are: * Be Excellent to Each Other * Do the Right Thing * Do What You'll Say You'll Do * Get Better Together * Give a Sh*t This position is not eligible for visa sponsorship. Applicants must be authorized to work in the United States of America for the duration of employment without sponsorship. Bishop Fox has always allowed its employees to work remotely, and this role can be based anywhere in the United States. Our comprehensive benefits program is tailored to meet your needs at an affordable price. We embrace diversity and foster an inclusive culture where employees are empowered to do their best work while advancing the security community through world-class research and consulting.

Apply for this position