Bishop Fox Logo

Bishop Fox

Senior AI/LLM Penetration Tester

Posted Yesterday
Be an Early Applicant
Remote
Hiring Remotely in U.S.
Senior level
Remote
Hiring Remotely in U.S.
Senior level
Lead AI/LLM-focused security assessments and advanced offensive engagements. Identify vulnerabilities in LLMs, agents, APIs, and cloud AI workloads; perform manual testing, source code review, architecture reviews, and present findings. Mentor teammates and contribute to tooling, research, and methodology development.
The summary above was generated by AI

For more than two decades, Bishop Fox has defined the forefront of offensive security. By combining elite human expertise with the power of its proprietary Cosmos AI engine, the firm delivers industry-leading cloud and application security services, including AI-powered penetration testing and AI/LLM security assessments that reflect real-world attacker behavior. Renowned for its innovation and contributions to the open-source community through flagship tools like Sliver and AIMap, Bishop Fox has released 25+ tools and 75+ advisories in the last 10 years.  

As a trusted partner to the world’s most recognizable brands, Bishop Fox protects 26 of the Fortune 100, eight of the top 10 global tech companies, all of the top five global media companies, 10 of the top 20 retailers and 7 of the top 10 manufacturers. A consistent market leader, Bishop Fox has been recognized as a Leader and "Fast Mover" in the GigaOm Radar for Attack Surface Management for five consecutive years. With a 70 NPS rating, the firm remains the trusted partner for organizations seeking to stay ahead of the evolving threat landscape. Learn more at bishopfox.com. 

We are now hiring a Senior AI/LLM Security Consultant to help clients stay ahead of emerging AI threats by conducting cutting-edge security assessments of large language models, AI agents, and AI-powered applications. 


Who You Are and What You’ll Do 

Our wants are simple: be good at—and most importantly—love what you do. Here's what we're looking for: 

  • 5+ years of offensive security experience performing penetration tests, red team engagements, or application security assessments  
  • Experience assessing AI/LLM-powered applications for vulnerabilities such as:  
    • Prompt injection  
    • Jailbreak techniques  
    • Indirect prompt injection  
    • Data leakage and sensitive information disclosure  
    • Insecure tool/function calling  
    • Agentic AI abuse  
    • Model misuse and unsafe output generation  
    • Understanding of modern AI architectures, including:  
  • Experience performing manual application security testing beyond automated scanning  
  • Strong understanding of web application security fundamentals, including the OWASP Top 10 Web, Agentic, and LLM Applications.  
  • Experience reviewing AI application architectures and identifying security weaknesses across APIs, cloud infrastructure, and application logic  
  • Experience performing source code review and dynamic testing  
  • Familiarity with cloud platforms (AWS, Azure, or GCP) and securing AI workloads  
  • Scripting or programming experience in Python, JavaScript Go, Java, or similar languages  
  • Familiarity with LLM application and agent-orchestration frameworks, inference provider APIs, external capability integration for modelsand open source tooling across commercial and self-hosted ecosystems. 
  • Knowledge of authentication, authorization, networking, APIs, and secure software development practices  
  • Excellent written and verbal communication skills, including presenting findings to technical and executive audiences  
  • Ability to mentor teammates and contribute to internal research, tooling, and methodology development  
  • OSCP, OSEP, GWAPT, GPEN, GXPN, or other relevant certifications are helpful but not required  
  • Bachelor's degree in Computer Science, Cybersecurity, or a related technical field is a plus  

What Sets You Apart 

  • Experience conducting AI red team exercises against production or pre-production AI systems  
  • Research into emerging AI attack techniques or contributions to the offensive security community  
  • Experience building or securing AI agents and autonomous workflows  
  • Knowledge of adversarial machine learning concepts and model security  
  • Experience with cloud-native AI platforms such as Azure OpenAI, Amazon Bedrock, or Google Vertex AI  
  • Familiarity with AI software development lifecycle (AI SDLC) and AI governance frameworks  

Why Bishop Fox 

At Bishop Fox, we're driven by a simple mission: deliver exceptional quality to our clients, foster a vibrant and fulfilling environment for our team, and champion excellence within our industry. Our core values, which we live by every day, are:  

  • Be Excellent to Each Other 
  • Do the Right Thing 
  • Do What You’ll Say You’ll Do 
  • Get Better Together 
  • Give a Sh*t 

This position is not eligible for visa sponsorship. Applicants must be authorized to work in the United States of America for the duration of employment without sponsorship.  

Bishop Fox has always allowed its employees to work remotely, and this role can be based anywhere in the United States. 

Our comprehensive benefits program is tailored to meet your needs at an affordable price. We embrace diversity and foster an inclusive culture where employees are empowered to do their best work while advancing the security community through world-class research and consulting. 

Bishop Fox is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including sexual orientation and gender identity), national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law. All new hires must successfully complete a background check as a condition of employment. 


Interested? Apply today!   

 

Similar Jobs

19 Minutes Ago
Remote or Hybrid
OK, USA
205K-250K Annually
Mid level
205K-250K Annually
Mid level
Information Technology
Develop and maintain SailPoint IdentityIQ solutions, focusing on BeanShell scripting, Java development, and XML configuration for identity lifecycle management and application onboarding.
Top Skills: BeanshellJavaJbossJdbcJSONRestSailpoint IdentityiqSoapSQLTomcatXML
19 Minutes Ago
Remote or Hybrid
MD, USA
150K-200K Annually
Senior level
150K-200K Annually
Senior level
Information Technology
The Senior Cloud Engineer at CDW is responsible for managing enterprise-scale cloud and hybrid services, ensuring performance, availability, and compliance, while mentoring peers and leading migrations from on-premises to cloud environments.
Top Skills: 1EActive DirectoryAWSAzureCayosoftCitrix VdiEntra IdLoginvsiSl1SplunkTanium
20 Minutes Ago
Remote or Hybrid
OK, USA
180K-205K Annually
Senior level
180K-205K Annually
Senior level
Information Technology
The IIQ Architect designs and implements SailPoint IdentityIQ solutions, ensuring compliance with federal IAM standards and overseeing integration with security tools.
Top Skills: IamIdentityiqNist 800-63Role-Based Access ControlSailpoint

What you need to know about the Seattle Tech Scene

Home to tech titans like Microsoft and Amazon, Seattle punches far above its weight in innovation. But its surrounding mountains, sprinkled with world-famous hiking trails and climbing routes, make the city a destination for outdoorsy types as well. Established as a logging town before shifting to shipbuilding and logistics, the Emerald City is now known for its contributions to aerospace, software, biotech and cloud computing. And its status as a thriving tech ecosystem is attracting out-of-town companies looking to establish new tech and engineering hubs.

Key Facts About Seattle Tech

  • Number of Tech Workers: 287,000; 13% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: Amazon, Microsoft, Meta, Google
  • Key Industries: Artificial intelligence, cloud computing, software, biotechnology, game development
  • Funding Landscape: $3.1 billion in venture capital funding in 2024 (Pitchbook)
  • Notable Investors: Madrona, Fuse, Tola, Maveron
  • Research Centers and Universities: University of Washington, Seattle University, Seattle Pacific University, Allen Institute for Brain Science, Bill & Melinda Gates Foundation, Seattle Children’s Research Institute

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account