Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Senior AI Security Red Team Lead & Offensive Testing Expert

Evolvesec

The Senior Application Security Tester & AI Red Team Subject Matter Expert is a senior-level offensive security role for a tester who has mastered modern web and API security and is now defining how Evolve Security tests AI-enabled applications, large language models, and agentic systems. This role wears two hats: hands-on senior application penetration tester for our most complex client engagements, and the firm-wide subject matter expert who builds, scales, and represents Evolve Security’s AI red team practice. The senior tester executes assessments with full autonomy, owns the technical relationship with client security and engineering leadership, mentors mid-level engineers and OSOC analysts, and is the recognized internal authority on offensive AI/ML testing methodology, tooling, and threat modeling. Typical Experience: 5–8+ years of offensive security experience with a deep concentration in web application and API penetration testing, plus demonstrable hands-on work testing AI/ML systems — LLM-backed applications, RAG pipelines, fine-tuned models, multi-agent systems, or production ML inference. A track record of dozens of completed assessments, published research, conference talks, CVEs, or open-source contributions is expected. Domain Expertise: Mastery of web application and API security beyond the OWASP Top 10 — business logic abuse, complex authentication and authorization flows (OAuth 2.0 / OIDC, SAML, JWT, mTLS), SSRF chains, deserialization, request smuggling, prototype pollution, and modern SPA / GraphQL attack surface. Equally fluent in the OWASP Top 10 for LLM Applications and OWASP ML Top 10 — prompt injection (direct, indirect, multi-modal), jailbreaks and safety bypasses, insecure output handling, training data poisoning and extraction, model denial of service, supply chain vulnerabilities in model and plugin ecosystems, excessive agency in agentic systems, sensitive data leakage from system prompts and embeddings, and vector store / RAG poisoning. Technical Skills: Expert with the modern offensive toolchain — Burp Suite Pro (including custom extensions), OWASP ZAP, Nuclei, Postman, Nmap, Metasploit, BloodHound — and able to build bespoke tooling when the off-the-shelf option falls short. Comfortable with AI red-teaming tooling such as Garak, PyRIT, Promptfoo, Giskard, and adversarial ML libraries, and confident designing custom evaluation harnesses against client-specific LLM and agent stacks. Strong scripting and small-tool development in Python, with working knowledge of JavaScript / TypeScript, Bash, and PowerShell. Familiar with the components of modern AI applications: vector databases (Pinecone, Weaviate, pgvector), embedding models, retrieval pipelines, agent frameworks (LangChain, LlamaIndex, CrewAI), and tool-use protocols including MCP. Soft Skills: Excellent written and verbal communication — produces publication-quality reports with no editorial rework, leads CISO and engineering-leader briefings, and de-escalates contested findings with technical rigor. Mentors mid-level engineers and OSOC analysts through code review, paired testing, and methodology coaching. Comfortable representing Evolve Security externally — webinars, podcasts, conference CFPs, and client thought-leadership content. Certifications (Preferred, not required): OSWE, OSCP, OSEP, GWAPT, GXPN, Burp Suite Certified Practitioner; AI/ML-adjacent credentials and contributions such as AI Red Team certifications, published prompt injection research, MITRE ATLAS contributions, or SANS SEC545/SEC595. Expertise that aligns to our approach Lead end-to-end web application and API penetration tests as the senior technical owner, scoping the engagement, executing the assessment, and presenting findings to client security and engineering leadership. Apply structured testing techniques aligned to OWASP WSTG and OWASP API Security Top 10 to assess authentication, session management, access control (vertical and horizontal privilege escalation), input validation, error handling, and business logic flaws. Design and execute AI red team engagements against LLM-backed applications, RAG systems, and agentic workflows — covering prompt injection (direct, indirect, multi-modal), jailbreak resilience, system prompt and tool-use exfiltration, training data and embedding leakage, insecure output handling, and excessive agency in tool-using agents. Map AI findings to the OWASP Top 10 for LLM Applications, OWASP ML Top 10, MITRE ATLAS, and the NIST AI Risk Management Framework so client stakeholders can defend severity and remediation calls internally. Test the full AI application surface: model endpoints, prompt and response pipelines, retrieval augmentation, vector stores, fine-tuning pipelines, plugin / tool integrations (including MCP servers), guardrail and safety layers, and supporting cloud infrastructure. Demonstrate proficiency in manual exploit development for both classical web vulnerabilities (XSS, SQLi, SSRF, IDOR, CSRF, deserialization) and LLM-specific attacks (jailbreak chains, indirect prompt injection via RAG content, agent hijacking via crafted tool outputs). Validate authentication mechanisms — OAuth, OIDC, SAML, MFA implementations, and JWT — and how they extend into AI-specific surfaces such as agent identity, per-user tool scoping, and prompt-level authorization. Assess session management, secrets handling, and data-flow controls in AI applications, including how user data ends up in prompts, logs, vector stores, and model fine-tunes. Execute client-side testing using browser dev tools and proxy-based inspection, evaluating DOM-based vulnerabilities, insecure local storage, and AI-driven client behaviors (e.g., embedded copilots and in-page agents). Test REST and GraphQL APIs using a combination of dynamic, manual, and automated methods; extend the same rigor to model and agent APIs. Perform code-assisted (grey-box) and full source review when available, identifying logic flaws, insecure configurations, and dangerous patterns specific to AI integrations (untrusted-content-into-prompt, unbounded tool use, missing output sanitization). Build, maintain, and contribute to Evolve Security’s AI red team methodology, payload libraries, evaluation harnesses, and reporting templates — and serve as the firm-wide reviewer for AI-related findings. Mentor mid-level penetration testing engineers and OSOC analysts through paired testing, technical review, knowledge-sharing sessions, and contributions to internal training and the academy. Represent Evolve Security externally through conference talks, blog posts, webinars, and client thought-leadership content on application security and AI red teaming. Communicate findings clearly, with strong emphasis on business impact, reproducibility, and strategic remediation guidance that engineering teams can actually ship. Success in the first 6 months looks like: Published, version-controlled AI red team methodology covering LLM applications, RAG systems, and agentic workflows, adopted across Evolve Security engagements. A reusable AI red team toolkit (custom Garak/PyRIT probes, payload libraries, evaluation harnesses) ready for any tester to use on a client engagement. Senior technical ownership of at least one strategic, AI-focused client account. Mentorship cadence in place with mid-level engineers and OSOC analysts; demonstrable uplift in their AI-related findings and reporting quality. At least one piece of public thought leadership (talk, blog, or research) attributed to Evolve Security. Who is Evolve Security? Evolve Security is a cybersecurity services firm headquartered in Chicago, IL. We are dedicated to improving our client’s security posture by providing continuous penetration testing, training services, and talent solutions. In addition to our professional cybersecurity service offerings, Evolve Security offers a cybersecurity bootcamp, “Evolve Academy”,currentlyrankedthe #1 cybersecurity bootcamp in the world. The Cybersecurity Bootcamp in Chicago provides immersive training, giving students the concrete and practicalskills,needed on the job. Students gain real work experience through live security assessment work that they perform on not-for-profit companies. We are passionate about directly improving our customers’ security posture, and we proudly train others to help meet the need for qualified cybersecurity talent. Benefits Include Healthcare Benefits 401(k) Match Parental Leave Flexible Paid Time Off Annual vacation reimbursement #J-18808-Ljbffr Evolvesec

Vacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the Senior AI Security Red Team Lead & Offensive Testing Expert in Chicago, IL vacancy
  • Evolve Security is looking for a Senior Application Security Tester & AI Red Team Subject Matter Expert in Chicago, IL. In this senior-level role, you will lead application penetration tests and be a key authority in AI-enabled...  ...have 5-8+ years of offensive security experience... 
    Senior
    Flexible hours

    Evolve Security

    Chicago, IL
    2 days ago
  • £65k - £134k per year

    Coalfire is looking for a Senior Consultant in Chicago to lead projects involving application security assessments. You will perform comprehensive penetration testing, manage client engagements, and mentor junior staff. Ideal candidates have a solid background in application... 
    Senior
    Flexible hours

    Medium

    Chicago, IL
    1 day ago
  • £65k - £134k per year

     ...cybersecurity experts, but above...  ..., we are a team of...  ...Summary The Senior Consultant...  ...members to lead engagements...  ...assessing the security of various...  ...objective testing and results...  ..., API, and AI Penetration...  ...OSCE, OSEE offensive security certifications...  ...Android. Red/Purple Team... 
    Senior
    Work at office
    Flexible hours

    Medium

    Chicago, IL
    1 day ago
  • Urbane Security is looking for talented professionals in offensive and defensive security to enhance their Security Services team. The role involves extensive penetration testing, risk assessment, and developing tailored security solutions. Applicants should have strong... 
    Senior

    Urbane Security

    Chicago, IL
    2 days ago
  • $130k - $180k

     ...it possible for AI to impact clinical...  ...box penetration tests on web...  ...deep-dive mobile security assessments on iOS...  ...certificate pinning. Lead specialized security...  ...engineering teams with hands‑on remediation...  ...environments. Expert knowledge of web...  ...Certifications Offensive Security: OSCP,... 
    Senior

    Tempus AI, Inc.

    Chicago, IL
    4 days ago
  •  ...Senior Offensive Security Engineer - Pentester Denver, Colorado;Seattle, Washington...  ...top talent to join our team. You bring your talent and passion...  ...hacker mentality. You will lead and participate in...  ...a wide range of penetration testing techniques (reconnaissance,... 
    Senior
    Work at office
    Remote work
    Shift work
    Day shift

    Bank of America

    Chicago, IL
    3 days ago
  • $175k - $195k

     ...change they need to own their future. We are seeking a senior-level AI Security Architect to help clients design, secure, and scale...  ...modeling, architecture risk assessments, and AI security testing (including red teaming) for AI systems. Assess AI supply chain risk,... 
    Senior

    Huron Consulting Group

    Chicago, IL
    4 days ago
  • TransUnion LLC is seeking a skilled Red Teamer for their Cybersecurity team in Chicago. This role involves conducting in-depth threat emulation exercises, including Red Team and Purple Team operations to uncover vulnerabilities in our systems. The ideal candidate will have... 
    Senior
    Work at office

    TransUnion LLC

    Chicago, IL
    2 days ago
  • $167.37k - $209.21k

     ...business as the leading global omni‑...  ...a time. Using AI, robotics and...  ...and talented teams come in. They’...  ...Department Overview As Senior Manager, Offensive Security, you will lead...  ...testers and red team operators...  ..., concurrent testing engagements...  ...regions Expert‑level understanding... 
    Senior
    Local area
    Shift work

    McDonald's Corporation

    Chicago, IL
    4 days ago
  • $130k - $180k

    Tempus AI, Inc. is seeking a Senior Penetration Tester in Chicago, Illinois, focused on advancing...  ...execute advanced penetration tests on applications and lead security testing for FDA-regulated...  ...has over 5 years of experience, expert knowledge in web and mobile security... 
    Senior

    Tempus AI, Inc.

    Chicago, IL
    5 days ago
  • $145k - $192.5k

     ...Global Information Security (GIS) team is looking for a Cyber Threat Defense AI Security Senior Engineer to lead the integration of...  ...Act as a technical expert on AI‑driven cybersecurity...  .... Collaborate with offensive security teams to develop AI‑enhanced red teaming and... 
    Senior
    Shift work
    Day shift

    Koitecc Solutions

    Chicago, IL
    3 days ago
  • $150k - $225k

     ...will be on the bleeding edge of AI, helping transform...  ...for our product and technology teams as you discover repeatable solutions...  ...discovery and scoping to POC, testing, and handover. ~ Code and ship...  ...instrument logging/metrics, add tests, security controls, and deployment... 
    Senior

    CADDi

    Chicago, IL
    25 days ago
  • Application Security Engineer (Senior) ID71672 Full time | AgileEngine | United States...  ...application development and AI/ML, and our people-first...  ...remediation guidance to development teams, and operate with full...  ...modern application security testing tools, including SAST, DAST,... 
    Senior
    Full time
    Work at office
    Remote work
    Visa sponsorship
    Work visa
    Flexible hours

    AgileEngine, LLC.

    Chicago, IL
    1 day ago
  •  ...TEKsystems c/o Allegis Group is hiring a Senior CCaaS Engineer in Chicago, IL (Fully Remote). In this role, you will be responsible...  ...with vendors, and ensuring telecom systems comply with industry security standards. The ideal candidate will demonstrate strong telephony... 
    Senior
    Remote work

    TEKsystems c/o Allegis Group

    Chicago, IL
    19 hours ago
  • $152.95k - $272k

     ...When you join NFA as a Senior AI & Application Security Engineer, you will...  ...leader and subject‑matter expert developing, designing...  ...data, and governance teams. Your expertise will...  .... What you’ll do: Lead secure design and...  ...application security testing across cloud and AI environments... 
    Senior

    National Futures Association

    Chicago, IL
    4 days ago
  • $185k - $200k

     ...AI Governance Lead This is an opportunity to join Ascot Group...  ...is a talented team who flourish in a collaborative...  ...leading financial security while delivering bespoke...  ...Reporting to the Senior Vice President, Predictive...  ...explainability, Bias/fairness testing, Human-in-the-loop... 
    Temporary work
    Work at office
    Local area
    Flexible hours

    Ascot Group

    Chicago, IL
    1 day ago
  • $128.1k - $239.6k

     ...powerhouse of diverse teams and take your...  ...is seeking a Cloud Security consultant with expertise...  ...consultant will lead the enablement of CNAPP...  ...automated security testing and compliance,...  ...SME (subject matter expert) to mature/advance...  .... Enabled by data, AI and advanced technology... 
    Senior
    Summer holiday
    Local area
    Flexible hours
    Shift work

    Ernst & Young Oman

    Chicago, IL
    3 days ago
  • $171.7k - $300.5k

    Senior Director, AI Security page is loaded## Senior Director, AI Securitylocations: Chicago, ILtime type...  ...’s most sophisticated clients using leading technology and exceptional service....  ...compliance audits, the evaluation and testing of hardware, firmware and software for... 
    Senior
    Work experience placement
    Flexible hours

    Northern Trust Corp

    Chicago, IL
    3 days ago
  •  ...government services firm is seeking an experienced eDiscovery Analytics Lead to provide technical support for federal agency projects. You...  ...skills and a strong background in project management. Join our team to contribute to important government initiatives. #J-18808-... 
    Senior

    CGS Federal (Contact Government Services)

    Chicago, IL
    3 days ago
  •  ...Business Intelligence team is building AI-enabled analytics...  ...We're seeking a Senior Software...  ...build, establish secure development workflows...  ...implement automated testing, security...  ...BigQuery, Redshift) Expert-level SQL, query...  ...Collaboration Leads by example through... 
    Senior
    Contract work
    Remote work
    Relocation package

    GE Aerospace

    Chicago, IL
    19 hours ago
  •  ...directly. As a leading, global...  ...Technology & Data Team is a dynamic...  ...like AI and cloud solutions...  ...currently seeking a Senior AI...  ...Information Security department. The...  ...penetration testing experience, deep...  ...with the latest offensive security...  ...threats; support red team exercises... 
    Senior
    Full time
    Temporary work
    Work at office
    Immediate start
    2 days per week
    3 days per week

    Fitch Group

    Chicago, IL
    16 hours ago
  • Senior / Lead Conversational AI & Digital Payments Solutions Engineer 02/04/2026 Contract...  ...will design scalable, secure, and high-performing solutions...  ...needed. Partner with cloud teams (AWS, Azure, GCP) to ensure...  ...design, data preparation, testing, and feedback loops. Understanding... 
    Senior
    Contract work

    Compunnel

    Chicago, IL
    2 days ago
  • $145.2k - $236.7k

     ...Lead Associate Principal Cloud Security Engineer Join our dynamic Security Engineering team as a Lead Associate Principal Cloud Security...  ...assets, implement AI-based security...  ...architecture, and security testing Apply expertise in...  ...lifecycle. Expert level knowledge of... 
    Local area
    Remote work
    2 days per week

    Options Clearing Corporation

    Chicago, IL
    6 days ago
  •  ...You’ll work with leading companies across...  ...cloud and AI journeys. With support...  ...technology, and Red Hat, you’ll have...  ...to delivery teams across active engagements...  ...teams to build, test, and ship AI...  ...Serve as a senior technical voice...  ...Solutions Architect Expert, Azure AI Engineer... 
    Senior
    Worldwide

    IBM Computing

    Chicago, IL
    5 days ago
  • PEAK6 is seeking a Lead Payroll to own the payroll processing across multiple states. You will be responsible for ensuring compliance with payroll regulations and collaborating cross-functionally. The role is perfect for those who thrive in a fast-paced environment and... 
    Senior
    Remote work

    PEAK6

    Chicago, IL
    3 days ago
  • $170.6k - $390k

     ...globally connected powerhouse of diverse teams and take your career wherever you...  ...- Microsoft Enterprise Platform - Senior Manager (Architect & Solution Lead Roles) - Location OPEN Role...  ...and deliver this capability across AI, Security, and Cloud domains. As part of... 
    Senior
    Full time
    Summer holiday
    Work at office
    Flexible hours

    EY

    Chicago, IL
    4 days ago
  • $89k - $142k

    Woodward HRT/MPC in Niles, IL is seeking a Trade Compliance Specialist. In this role, you will manage compliance with U.S. government regulations regarding export and import transactions, ensuring adherence to ITAR, EAR, and other relevant regulations. Your expertise will...
    Senior

    Woodward HRT/MPC

    Niles, IL
    2 days ago
  • $144k - $180k

    A leading insurance firm in Chicago is seeking a Senior Manager of SEC Reporting to oversee the preparation and filing of SEC reports. This role will lead the SEC Reporting team, ensuring compliance with U.S. GAAP and SEC regulations while collaborating with multiple departments... 
    Senior

    R T Specialty, LLC

    Chicago, IL
    4 days ago
  • Australia-Employment is seeking a Safety Manager in Chicago to lead safety initiatives in their construction projects. This role demands significant experience in construction safety and knowledge of OSHA regulations. Responsibilities include conducting safety evaluations... 
    Senior

    Australia-Employment

    Chicago, IL
    3 days ago
  •  ...candidates will have a bachelor's degree or 8+ years of equivalent experience with the Trade Compliance program. Responsibilities include leading compliance efforts, reviewing contracts, and driving export licensing strategy. The position offers a comprehensive benefits... 
    Senior

    Woodward

    Niles, IL
    2 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Senior AI Security Red Team Lead & Offensive Testing Expert. Be the first to apply!