Senior AI Security Engineer (Red & Blue Team)

St. Fox Consultancy (SFC) is launching a specialized Security in AI practice. We are moving beyond traditional cybersecurity to secure the next generation of Agentic AI, LLMs, and Autonomous Systems.

We are looking for a hybrid Security Engineer who refuses to pick a side. You are a Red Teamer who can craft sophisticated jailbreaks and prompt injections, but you are also a Blue Teamer who knows how to architect the guardrails to stop them.

As a Forward Deployed Engineer (FDE), you will not just write reports from a desk. You will embed with our enterprise clients, attacking their live AI agents to find vulnerabilities and then working side-by-side with their engineering teams to implement the fixes.

Key Responsibilities:

The \"Red\" (Adversarial Simulation)

• AI Red Teaming: Conduct advanced adversarial testing on Large Language Models (LLMs) and Agentic AI workflows. Execute prompt injections, jailbreaking, model inversion, and data poisoning attacks.

• Agentic Threat Simulation: Test autonomous agents for \"excessive agency\" vulnerabilities—manipulating agents into performing unauthorized actions (e.g., executing SQL commands, escalating privileges, or leaking PII).

• Automated & Manual Testing: Leverage tools like Garak, PyRIT, or TextAttack for automated scanning, while applying manual creativity to find logic flaws in multi-agent orchestration.

• Chain-of-Thought Exploitation: Analyze and exploit flaws in the reasoning loops of autonomous agents (e.g., LangChain or AutoGen workflows).

The \"Blue\" (Defense & Engineering)

• Guardrail Engineering: Design and implement input/output filters using tools like NVIDIA NeMo Guardrails, Llama Guard, or Lakera.

• Identity & Access Control: Architect \"Non-Human Identity\" policies for AI agents, ensuring they adhere to Least Privilege (e.g., preventing an agent from deleting DB records).

• Detection Engineering: Build monitoring pipelines to detect real-time attacks (e.g., identifying a \"DAN\" attack pattern in live chat logs) and automate response triggers.

• Remediation: Don't just report bugs—fix them. Rewrite system prompts to be robust against social engineering and re-architect RAG pipelines to prevent data leakage.

The FDE (Client Engagement)

• Embedded Problem Solving: Work on-site with client engineering teams to understand their specific business logic and deploy secure AI architectures.

• Threat Modeling: Lead workshops to map the \"Blast Radius\" of a client's AI agents (i.e., if this agent is compromised, what can it destroy?).

Skills and Qualifications:

• Experience: 5+ years in Cybersecurity, with at least 2 years focused on Application Security, Penetration Testing, or ML Security.

• AI/ML Depth: Deep understanding of LLM architectures (Transformers, RAG, Fine-tuning). You understand how a model \"thinks\" and where it hallucinates.

• Technical Stack: ➢ Languages: Proficient in Python (mandatory for building custom attack scripts and harness). ➢ AI Frameworks: Experience with LangChain, Semantic Kernel, or Bedrock. ➢ Security Tools: Burp Suite, OWASP ZAP, plus AI-specific tools (Garak, PyRIT).

• Offensive Mindset: Proven ability to think like an adversary (e.g., CVEs, Bug Bounties, or CTF wins).

• Defensive Engineering: Experience implementing WAFs, API Gateways, or IAM policies (OAuth, OIDC)

Nice to Have:

• Experience with Agentic Identity concepts (SPIFFE/SPIRE, Machine ID).

• Certifications: OSEP, OSWE, or specific AI Security certifications (e.g., NVIDIA, SANS).

• Contribution to open-source AI security projects or OWASP Top 10 for LLM.

Why St. Fox?

• Be a founding member of a cutting-edge Agentic AI Security practice.

• Work in a true Purple Team environment where you own the full lifecycle of security—break it, then fix it. • High-impact work with top-tier enterprise clients

What We Offer :

• Competitive salary and benefits package.

• Opportunities for professional growth and advancement.

• Exposure to cutting-edge technologies and projects.

• A collaborative and supportive work environment.

How to Apply: Interested candidates should submit a detailed resume outlining their qualifications and experience relevant to the role applied for. Applications should be sent via our careers portal or to

St. Fox is an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.