Back to jobsConduct security assessments of AI systems and implementations — including AI chatbots, MCP (Model Context Protocol) servers, and enterprise deployments of Claude, ChatGPT, and Azure OpenAI Studio — identifying risks such as prompt injection, model abuse, data exfiltration etc. Execute continuous adversarial testing of AI platforms and guardrails to validate controls keep pace with evolving vendor capabilities.
Plan, scope, and execute penetration testing engagements across network infrastructure (servers, firewalls, endpoints, Active Directory) and perform comprehensive web application security assessments covering OWASP Top 10 vulnerabilities, business logic flaws, authentication weaknesses, and API security issues — following OWASP, and MITRE ATT&CK and other methodologies.
Leverage AI agents and AI-assisted tooling (such as Claude and ChatGPT) to augment testing workflows and automate reconnaissance, while developing and maintaining custom scripts and exploit code for attack chain automation, payload generation, and post-exploitation tasks.
Document and communicate assessment outcomes — including findings, risk context, and remediation guidance — clearly for both technical teams and senior stakeholders; collaborate with Vulnerability Management, Application, and Infrastructure teams to ensure findings are handed off with clear remediation ownership.
Stay current with the latest offensive security research, CVEs, exploitation techniques, and AI security threats; support red team exercises and threat simulation activities; and maintain detailed records of testing activities, methodologies, and evidence per internal documentation standards.
