Skip to main content
Trail of Bits

Senior Security Engineer - Agentic AI

4w

Trail of Bits

US · Full-time · $100,000 – $220,000

About this role

Trail of Bits seeks a Senior Security Engineer specializing in Agentic AI Security for our Software Assurance team. You will discover and exploit novel vulnerabilities in agentic AI systems, finding the breaks before your clients do.

You'll develop sophisticated prompt injection attacks, test agent orchestration weaknesses, and identify real-world failure modes in LLM tool use, training data pipelines, and guardrail mechanisms. This role allows you to apply application security expertise and adversarial thinking to the latest agentic systems and business integrations.

In addition to performing technical assessments, you will develop threat models for agentic AI systems and contribute to risk frameworks for generative AI deployment. You'll deliver specialized training to clients on novel exploitation techniques in agentic AI security.

Trail of Bits is the premier place for security experts to boldly advance security and address technology's newest and most challenging risks. Our combination of novel research with practical solutions reduces the security risks that our clients face from emerging technologies.

Requirements

  • Expertise in application security and adversarial thinking applied to agentic systems
  • Experience discovering and exploiting novel vulnerabilities in AI systems
  • Proficiency in developing sophisticated prompt injection attacks and testing agent orchestration weaknesses
  • Ability to identify real-world failure modes in LLM tool use, training data pipelines, and guardrail mechanisms
  • Experience with static analysis, dynamic testing, and manual code review
  • Strong understanding of threat modeling and risk assessment methodologies
  • Ability to develop actionable attack libraries and defensive countermeasures for client engagements

Responsibilities

  • Conduct comprehensive application security assessments of agentic AI pipelines, tools, and frameworks for leading companies and labs
  • Develop and share novel prompt injection techniques targeting agentic workflows, including indirect injection via tool outputs, multi-turn manipulation, and cross-agent exploitation
  • Conduct security assessments of client code bases using static analysis, dynamic testing, and manual code review
  • Conduct threat modeling and risk assessments to proactively identify potential risks for clients, with attention to prompt injection attack surfaces in agentic orchestration layers
  • Work with leading industry teams to review system code and architecture, and help assure their products through system analysis and modeling
  • Develop and contribute to AI regulatory and compliance initiatives, including risk frameworks for generative AI deployment
  • Deliver specialized training to clients on novel exploitation techniques in agentic AI security

Benefits

  • Opportunity to work with leading industry teams on cutting-edge agentic AI systems
  • Contribute to novel research that drives the security industry and public understanding of technology
  • Access to ongoing informational support through blogs, whitepapers, newsletters, meetups, and open-source tools
  • Work at a company founded by expert hackers with a research-based and custom-engineering approach