Senior Offensive Security Engineer Web & AI Systems

FocusKPI isseeking aSenior Offensive Security Engineer (Web & AI systems)to join one of our clients a high-tech SaaS company.

Team is looking for a Senior Offensive Security Engineer to proactively identify exploit and help eliminate security weaknesses across their web platforms and AI/ML this role you will think like an attacker operate with engineering rigor and work closely with product platform and AI teams to raise the security bar across the organization. You will lead complex penetration tests design novel attack techniques for web and modern AI-powered applications and influence secure-by-design architecture at scale.

Work Location:Mountain View CA(Onsite role 4 days/week onsite)
Duration:12-monthcontract with potential to convert depending on the candidates performance
Pay Range:$85 - 100/hr

**No C2C resumes are considered**

Position Responsibilities:

• Conduct offensive security assessments on large-scale web applications REST APIs and cloud-backed services.
• Identify and validate vulnerabilities including injection flaws access control issues authentication/authorization weaknesses SSRF deserialization and logic bugs.
• Evaluate LLM-based systems and AI agents for prompt injection data exfiltration model abuse and jailbreaks
• Design and execute redteamstyle engagements that simulate real-world adversaries.
• Develop custom exploitation tools PoCs and fuzzers for web and AI attack surfaces.
• Identify systemic security weaknesses and collaborate with engineering teams to drive long-term mitigations.
• Review architectures and designs for new products from an attackers perspective.
• Produce clear actionable security reports and present findings to technical and executive stakeholders.

Required Qualifications:

• Masters degree in Computer Science Computer Engineering Information Security or a closely related technical field.
• A doctorate (PhD) in a relevant field is a plus but not required.
• 5 years of experience in offensive security penetration testing or red teaming.
• Deep expertise in web application security.
• Strong understanding of API security.
• Vulnerability findings: Identifying and prioritizing vulnerabilitiesacross a network of 1000 devices to support risk management efforts. Conductingregular vulnerability assessments to detect and address security weaknesses in various systems and applications.
• Hands-on experience testing AI/ML or LLM-based systems or strong motivation with demonstrated research in this area.
• Proficiency in at least one scripting or programming language (Python Go JavaScript or similar).
• Strong knowledge of common exploitation techniques and attacker tooling.

• Prior work on adversarial ML red-teaming AI systems or secure LLM pipelinedesign.
• Experience with cloud security (AWS GCP Azure) and containerized environments.
• Background in security research published CVEs CTF experience blog posts or conference talks.
• OSCP OSEP OSWE CRTO or similar.

• An attacker-first mindset with strong engineering discipline.
• Ability to go beyond scanners and find novel high-impact vulnerabilities.
• Clear communicator who can translate complex exploits into actionable fixes.
• Curiosity about emerging threats especially in AI security.
• Ownership mentality and comfort operating in ambiguous problem spaces.

Thank you!

FocusKPI Hiring Team

Founded in 2010 FocusKPI Inc. (FocusKPI) is a data science and technology firm specializing in predictive analytics practice and methodologies. FocusKPI is a US company headquartered in Silicon Valley California with an East Coast office in Boston Massachusetts.

NOTICE: Please be aware of fraudulent emails regarding job postings job offers and fake checks. FocusKPIs recruiting team will strictly reach out via @ email domain. If you have received fraudulent emails now or in the past please report it to .
The domain @ is fraudulent and not related to FocusKPI. Please do not not reply or communicate to anyone with @.