AI Red Team Engineer
Indexed description
- We’ve raised $11M from top funds, founders, and senior leaders at OpenAI, Anthropic, HuggingFace, Mistral, DeepMind, Datadog, Sentry, and others
- We process over one hundred million API calls every month
- We fine-tune and train our own LLMs so they run faster and cheaper than any open or proprietary model
You will:
- Red-team LLM-powered systems: chatbots, copilots, RAG pipelines, AI agents, tool-calling workflows, and API-based AI products.
- Test for jailbreaks, prompt injection, system-prompt and tool leakage, sensitive-data and context leakage, unsafe outputs, policy bypass, tool misuse, excessive agency, resource and token-cost abuse, and business-logic abuse.
- Write lightweight Python to automate attacks, run prompt sets, call model APIs, collect and score responses, and generate repeatable reports.
- Build and maintain an internal attack library: prompts, scenarios, test cases, regression tests, scoring rubrics, and reusable demo cases.
- Turn model failures into clear reports: what happened, why it matters, how to reproduce it, how severe it is, and how to fix it.
- Convert successful attacks into regression tests and product requirements.
- Track new red-team and safety techniques and fold the useful ones into our tests.
- Support GTM by producing strong, credible evidence for customer demos, security reviews, and sales conversations.
- Genuinely love breaking things and reasoning adversarially.
- Have a background in QA automation, AppSec, API/security/pen testing, or bug bounty.
- Have strong Python scripting skills.
- Have experience testing APIs, web apps, backends, or SaaS products.
- Are hands-on with LLMs, prompts, system instructions, RAG, agents, and tool/function calling.
- Understand LLM-specific abuse vectors (prompt injection, jailbreaks, data leakage, tool misuse, excessive agency, token-cost exhaustion).
- Can find bypasses, abuse edge cases, chain failures, and reason about real-world impact.
- Can separate real customer risk from low-impact prompt tricks.
- Write clear, reproducible bug reports in clear English.
- Can move fast without perfect requirements.
- Hold a firm ethical line: you red-team to make systems safer, operate within scope and the law, and don't produce or traffic in genuinely harmful material.
- Experience with Burp Suite, Postman, Playwright, pytest.
- Experience with modern LLM red-teaming automated agents and pipelines.
- Familiarity with LangChain, LangGraph, LlamaIndex, RAG pipelines, AI agents, tool/function calling, and LLM-as-judge evaluation.
- Familiarity with OWASP LLM Top 10, OWASP Web Top 10, MITRE ATLAS, or other AI security taxonomies.
- Experience testing RAG systems, AI agents, tool-calling workflows, browser agents, or internal copilots.
- Experience writing customer-facing security reports.
- Experience with trust & safety, abuse prevention, fraud, moderation, or platform security.
- Experience building eval pipelines, regression suites, dashboards, or CI-friendly security tests.
- A track record in CTFs, red-team competitions, or responsible-disclosure / bounty programs.
- Paid time off in line with your local regulations, no matter where you work from
- Work from Paris (hybrid) + relocation package
- Best medical insurance in France
- All the hardware, tools, and services you need
- Covered subscriptions for AI agents
- Team off-sites twice a year: we've recently been to the Alps and to Saint-Tropez
- Intro call with HR (25 min)
- Take-home test task
- Technical interview (60 min)
- Final call with CEO (45 min)
Compensation Range: $60K - $90K
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search