[Remote] Security Consultant II (AI/ML Penetration Tester)

Note: The job is a remote job and is open to candidates in USA. NetSPI is a leader in Penetration Testing as a Service (PTaaS) and is seeking a Security Consultant II to enhance their cybersecurity defenses through advanced testing of AI and machine learning systems. The role involves conducting penetration tests, delivering actionable reports, and collaborating with clients on security best practices.

Responsibilities

• Conduct engagements on Web Applications and API’s independently, providing technical oversight as needed, including those which contain AI/ML components and features
• Perform prompt injection techniques against a variety of models, including text, voice, image, video, and multi-modal processing models
• Present comprehensive penetration test findings to clients while emphasizing AI/ML risks, and collaborate on remediation strategies with model hardening, adversarial training, and threat mitigation
• Create, deliver, and collaborate on penetration testing reports in diverse client environments, maintaining client-specific processes, reporting standards, and access protocols to help improve their security posture
• Research and develop innovative techniques, tools, and methodologies for penetration testing services, alongside commitment to improvement and execution on NetSPI specific products and processes
• Participate in development, implementation, and oversight of testing, delivery, and management strategies for key client accounts
• Perform administrative tasks related to day-to-day consulting activities to ensure smooth business and engagement operations

Skills

• Bachelor's degree or higher, with a focus on IT, Computer Science, Engineering or Math or equivalent experience
• Minimum of 2-4 years of work experience in Penetration Testing
• Familiarity with attack techniques utilized against text, voice, image, video, and multi-modal models
• Proficiency in using and customizing offensive toolkits for network, application, and AI/ML penetration testing
• Understanding of Adversarial Machine Learning and its practical applications
• Familiarity with offensive tools, based on applicable skillset (e.g., Kali Linux, Burp Suite, Metasploit, Nessus)
• Familiarity with offensive and defensive IT concepts and protocols
• Extensive understanding of the OWASP Top 10 for both web applications and large language models, MITRE ATT&CK framework, and various security frameworks
• Working knowledge of Windows, Linux and MacOS operating systems internals
• Experience mentoring or coaching to growing team members
• Ability to work independently and as part of a team
• Proficient communication skills, both written and verbal
• This position requires an 8-hour workday, with occasional evenings or weekends necessary to meet project deadlines or critical needs
• Ability to provide technical and QA oversight on AI/ML service line
• Comprehensive knowledge of secure AI/ML development protocols and architecture
• Strong problem-solving skills and the ability to think like both an attacker and a defender
• A continuous learning mindset to keep up to date with the rapidly evolving AI/ML and cybersecurity landscapes
• Experience with model interpretability and explainability tools to understand model behavior and potential biases
• Experience in ML model development, feature engineering, and data pre-processing
• Experience in one or more of the following programming or scripting languages: Ruby, Python, Perl, C, C++, Java, and C#
• Offensive Security Certifications (e.g., GXPN, GPEN, OSCP, GWAPT)

Company Overview

• NetSPI is a cybersecurity company that offers enterprise security testing and attack surface management services. It was founded in 2001, and is headquartered in Minneapolis, Minnesota, USA, with a workforce of 501-1000 employees. Its website is https://www.netspi.com.

Company H1B Sponsorship

• NetSPI has a track record of offering H1B sponsorships, with 1 in 2025, 3 in 2024, 1 in 2023, 2 in 2022, 5 in 2021, 5 in 2020. Please note that this does not guarantee sponsorship for this specific role.

job Apply To this Job Apply tot his job Apply To this Job