Senior Offensive Security Engineer-Web&AI jobs in United States
cer-icon
Apply on Employer Site
company-logo

Cypress HCM · 18 hours ago

Senior Offensive Security Engineer-Web&AI

positionMountain View, CA
timeContract
remoteOnsite
seniorityMid, Senior Level
date5+ years exp

Cypress HCM is looking for a Senior Offensive Security Engineer to proactively identify, exploit, and help eliminate security weaknesses across their web platforms and AI/ML systems. The role involves conducting offensive security assessments, leading penetration tests, and influencing secure architecture design across the organization.

Human ResourcesInformation TechnologyStaffing Agency
check
Growth Opportunities

Responsibilities

Conduct offensive security assessments on large-scale web applications, REST APIs, and cloud backed services
Identify and validate vulnerabilities including injection flaws, access control issues, authentication/authorization weaknesses, SSRF, deserialization, and logic bugs
Evaluate LLM-based systems and AI agents for prompt injection, data exfiltration, model abuse and jailbreaks
Design and execute red team–style engagements simulating real-world adversaries
Develop custom exploitation tools, PoCs, and fuzzers for web and AI attack surfaces
Identify systemic security weaknesses and collaborate with engineering teams to drive long term mitigations
Review architectures and designs for new products with an attacker mindset
Produce clear, actionable security reports and present findings to technical and executive stakeholders

Qualification

Offensive securityPenetration testingWeb application securityAPI securityAI/ML security testingScripting languagesExploitation techniquesCloud securitySecurity researchOSCP certificationCuriosity about threatsClear communication

Required

Master's degree in Computer Science, Computer Engineering, Information Security, or a closely related technical field
5+ years of experience in offensive security, penetration testing, or red teaming
Deep expertise in web application security
Strong understanding of API security
Hands-on experience testing AI/ML or LLM-based systems, or strong motivation with demonstrated research in this area
Proficiency in at least one scripting or programming language (Python, Go, JavaScript, or similar)
Strong knowledge of common exploitation techniques and attacker tooling

Preferred

Doctorate (PhD) in a relevant field is a plus but not required
Prior work on adversarial ML, red-teaming AI systems, or secure LLM pipeline design
Experience with cloud security (AWS, GCP, Azure) and containerized environments
Background in security research, published CVEs, CTF experience, blog posts, or conference talks
OSCP, OSEP, OSWE, CRTO, or similar

Company

Cypress HCM

twittertwittertwitter
company-logo
Cypress HCM is a staffing and recruiting company providing technology and creative recruiting solutions.
dateFounded in 2005
location
Walnut Creek, California, USA
people-size51-200 employees
web-link
http://cypresshcm.com

Funding

Current Stage
Growth Stage

Leadership Team

leader-logo
Mark Lillig
CEO
linkedin
leader-logo
Philip Oommen
CFO
linkedin
Company data provided by crunchbase