Senior Security Engineer (AI & Agentic Systems)
Job Description
Company: Uber
Location: New York, US
About the Role
As AI systems—especially agentic and autonomous AI—become deeply embedded in our products and internal platforms, the security model must evolve. Traditional application security alone is no longer sufficient. We are looking for a Senior AI Red Team Engineer to help us proactively identify, understand, and mitigate AI-native and agent‑specific security risks before they reach production.
What the Candidate Will Do
This role sits at the intersection of offensive security and AI engineering. You will not be limited to traditional penetration testing; instead, you will focus on behavioral, logical, and contextual attacks that cause AI systems to fail in subtle but dangerous ways—often without exploiting classic vulnerabilities. Success in this role means uncovering unknown unknowns, clearly articulating risk, and helping teams build safer AI systems by design.
Key Responsibilities
• Design and execute AI red‑teaming exercises against LLMs and AI agents, including:
• Prompt injection (direct & indirect)
• Jailbreaking and policy bypass
• Model and tool poisoning
• Memory and context poisoning
• Behavioral drift and unsafe autonomy
• Tool misuse and emergent privilege escalation
• Analyze agent workflows, logic, and tool graphs to identify systemic security weaknesses beyond prompt‑level attacks.
• Develop reusable adversarial test cases, attack libraries, and red‑team playbooks for AI systems.
• Collaborate with AI platform and product teams to translate red‑team findings into actionable mitigations, guardrails, and design changes.
• Partner with broader security teams (AppSec, InfraSec, Privacy, Risk) to integrate AI red teaming into the SDLC and launch gates.
• Contribute to AI security strategy, helping define how we evaluate and secure agentic systems at scale.
• Stay ahead of emerging AI threats, tracking industry research, incidents, and attack techniques relevant to AI and autonomous systems.
Basic Qualifications
• 4+ years of experience in security engineering, offensive security, or red teaming.
• Hands‑on experience red‑teaming AI models or AI agents, including testing for prompt injection, jailbreaks, unsafe behavior, excessive agency, model DoS.
• Familiarity with AI production patterns such as ReAct, tool use, multi‑agent orchestration.
• Strong understanding of security fundamentals (threat modeling, secure design, least privilege, defense in depth).
• Experience analyzing complex systems and reasoning about unintended behavior and emergent risk.
• Ability to clearly document findings and communicate risk to both technical and non‑technical stakeholders.
• Proficiency in at least one programming language (e.g., Python, Go, Java, or similar).
Preferred Qualifications
• Familiarity with AI security tools and frameworks (e.g., PyRIT, AgentDojo, Promptfoo, custom harnesses).
• Strong understanding of GenAI and LLM architectures, including embeddings, RAG, or agent frameworks.
• Hands‑on experience building or operating AI agents, including tool calling, memory, or workflow orchestration.
• Offensive security / penetration testing background (e.g., red team, bug bounty, exploit development).
• Active on HackerOne, Bugcrowd, Synack.
Salary and Benefits
For New York, NY‑based roles: the base salary range is USD $202,000 per year – USD $224,000 per year. For San Francisco, CA‑based roles: the base salary range is USD $202,000 per year – USD $224,000 per year. For Seattle, WA‑based roles: the base salary range is USD $202,000 per year – USD $224,000 per year. For Sunnyvale, CA‑based roles: the base salary range is USD $202,000 per year – USD $224,000 per year. All full‑time employees are eligible to participate in a 401(k) plan, Uber’s bonus program, and may receive equity awards and other forms of compensation. You will also be eligible for various benefits. More details can be found at the following link: https://jobs.uber.com/en/benefits.
Source: JobLeads
