Senior Engineer, Offensive Security Web & AI Systems - Contract

Lab Summary: The Development Quality Innovation (DQI) lab in Mountain View has a dual role that is first to research new automation tools as well as take current tools and refine them to our needs. Second, act as a centralized QA group to provide quality assessment by creating comprehensive E2E test strategy for various Endpoint security solution developed. This duality provides a unique opportunity to explore new concepts in different technologies and perform original research in quality domain. More details about project: Samsung Knox Position Summary: We are looking for a Senior Offensive Security Engineer to proactively identify, exploit, and help eliminate security weaknesses across our web platforms and AI/ML systems. In this role, you will think like an attacker, operate with engineering rigor, and work closely with product, platform, and AI teams to raise the security bar across the organization. You will lead complex penetration tests, design novel attack techniques for web and modern AI-powered applications, and influence secure-by-design architecture at scale. Position Responsibilities: Conduct offensive security assessments on large-scale web applications, REST APIs, and cloud-backed services Identify and validate vulnerabilities including injection flaws, access control issues, authentication/authorization weaknesses, SSRF, deserialization, and logic bugs Evaluate LLM-based systems and AI agents for prompt injection, data exfiltration, model abuse and jailbreaks Design and execute red team–style engagements simulating real-world adversaries Develop custom exploitation tools, PoCs, and fuzzers for web and AI attack surfaces Identify systemic security weaknesses and collaborate with engineering teams to drive long-term mitigations Review architectures and designs for new products with an attacker mindset Produce clear, actionable security reports and present findings to technical and executive stakeholders Required Skills: Master’s degree in Computer Science, Computer Engineering, Information Security, or a closely related technical field, or equivalent combination of education training and experience 5+ years of experience in offensive security, penetration testing, or red teaming Deep expertise in web application security Strong understanding of API security Hands-on experience testing AI/ML or LLM-based systems, or strong motivation with demonstrated research in this area Proficiency in at least one scripting or programming language (Python, Go, JavaScript, or similar) Strong knowledge of common exploitation techniques and attacker tooling Special Attributes: Doctorate (PhD) in a relevant field is a plus Prior work on adversarial ML, red-teaming AI systems, or secure LLM pipeline design Experience with cloud security (AWS, GCP, Azure) and containerized environments Background in security research, published CVEs, CTF experience, blog posts, or conference talks OSCP, OSEP, OSWE, CRTO, or similar An attacker-first mindset with strong engineering discipline Ability to go beyond scanners and find novel, high-impact vulnerabilities Clear communicator who can translate complex exploits into actionable fixes Curiosity about emerging threats, especially in AI security Ownership mentality and comfort operating in ambiguous problem spaces Our total rewards programs are designed to motivate and engage exceptional talent. The base pay range for roles at this level is listed below, but may be higher or lower in other states due to geographic differentials in the labor market. Within the base pay range, individual rates depend on a number of factors—including the role’s function and location as well as the individual’s knowledge, skills, experience, education and training. This is part of our comprehensive compensation package with annual bonus eligibility and generous benefits to help you live life well. Base Pay Range $73 $100 USD Additional Information Disclosure of Trade Secrets Sa ... (truncated, view full listing at source)