ForgeApply · Job listing
Senior Security Engineer (Red Team)
Pindropsecurity
Apply in about a minute — without sacrificing quality.
ForgeApply autofills this application and tailors your resume to this exact posting. You review everything before it's sent. Free trial, no card required.
About this role
Who We Are
Pindrop is the Real Human + Right Human® Identity Trust Platform for the AI era. As AI-driven fraud and deepfakes erode trust in digital communication, Pindrop delivers continuous identity verification and deepfake detection across voice, video, and digital interactions in real time.
Enterprises rely on Pindrop to secure billions of high-risk customer interactions each year, including top U.S. banks, as well as leading insurers and healthcare providers. Powered by models trained on more than 1.5 billion real-world interactions annually and protected by 300+ patents, Pindrop restores trust while reducing fraud, lowering operational costs, and improving customer experience.
Recognized by TIME as one of the Top 10 Most Influential Software Companies of 2026 and by Inc. for Best in Business for Innovation, Pindrop is backed by leading investors including Andreessen Horowitz, IVP, and CapitalG.
What you’ll do
As a Security Engineer (Red Team), you will help Pindrop proactively identify and exploit weaknesses across product, cloud, and AI-powered systems so we can strengthen defenses before adversaries do. This role blends hands-on offensive security, GenAI attack simulation, security engineering, and operational partnership with blue-team, product, and AI/ML stakeholders.
• Design and execute red team operations against Pindrop’s GenAI systems, LLM pipelines, RAG architectures, autonomous agents, APIs, SaaS products, and cloud environments, simulating real-world attacks across both traditional and AI-specific attack surfaces.
• Conduct adversarial testing focused on prompt injection, indirect prompt attacks, jailbreaking, model extraction, training-data poisoning, data leakage, inference abuse, and unauthorized output manipulation.
• Use deepfake generation, voice synthesis, and related spoofing techniques to test and attempt to defeat Pindrop’s voice authentication and deepfake detection capabilities, helping identify model robustness and detection gaps.
• Develop novel attack chains that combine GenAI vulnerabilities with infrastructure, application, identity, and API weaknesses to create realistic end-to-end threat scenarios.
• Plan and execute full-scope penetration tests and support bug bounty efforts across Pindrop’s web applications, APIs, SaaS products, and AWS/GCP environments using commercial and open-source offensive tooling.
• Perform architecture reviews, security code reviews, and threat modeling with emphasis on vulnerabilities introduced by AI/ML components, model integrations, and LLM-facing services.
• Build automation for offensive security workflows, testing, compliance checks, alerting, and reporting using Python or similar scripting languages, including AI-native attack tooling where useful.
• Partner closely with SecOps and security engineering to improve detections, tune response workflows, and translate red team findings into practical remediation and defensive improvements.
• Stay current on GenAI security research, adversarial ML techniques, evolving threat intelligence, and relevant regulatory developments, then apply those insights to Pindrop’s security program.
Who you are
• You are an adversarial thinker who approaches security from an attacker’s perspective and brings the creativity, rigor, and curiosity to prove it.
• You have genuine hands-on experience attacking AI systems, not just reading about them, and you enjoy breaking assumptions that others consider safe.
• You continuously look for automation and AI-powered efficiencies in offensive security workflows.
• You communicate clearly and can translate technical findings into prioritized, actionable guidance for technical and executive audiences alike.
• You work independently and thrive in ambiguous, fast-moving environments with minimal supervision.
• You are resilient, optimistic, accountable, and adaptable when priorities shift.
Your skill-set
Must-haves
• 3+ years of hands-on penetration testing and red team experience across SaaS applications, cloud infrastructure, APIs, and web applications.
• Demonstrable experience attacking GenAI or LLM-based systems, including prompt injection, jailbreaking, indirect prompt attacks, model extraction, or adversarial input generation.
• Hands-on experience with deepfake tools, voice synthesis, or audio/visual spoofing technologies in an offensive or research context.
• Strong proficiency with offensive security tooling such as Burp Suite, OWASP ZAP, Nmap, Metasploit, Cobalt Strike, or equivalent frameworks.
• Experience configuring and operating SAST and DAST tools and integrating them into CI/CD pipelines.
• Proficiency in at least one scripting or programming language, with Python strongly preferred, for custom attack tooling and workflow automation.
• Familiarity with AI-specialized security tools or frameworks such as Garak, PyRIT, Claude Security, or similar adversarial ML tooling.
• Strong understanding of cloud security architecture, container security, API security, and common security standards including ISO 27001/27002, NIST, CIS, PCI DSS, OWASP, and SOC 2.
Nice-to-haves
• Prior software development or secure architecture experience, including the ability to reason about production code across multiple languages.
• Research, publication, or deep practitioner background in adversarial machine learning, LLM security, or voice/audio deepfake detection.
• Relevant certifications such as OSCP, GPEN, GWAPT, GXPN, CEH, or equivalent.
• Prior experience in voice biometrics, AI security, fraud prevention, or similarly high-risk product environments.
What’s in it for you
As a Pindropper, you join a rapidly growing company making technology more human with the power of voice. You will work alongside some of the best and brightest. We’re a passionate group committed to excellence - but that doesn’t stop us from enjoying the journey as a team with chess and poker tournaments, catered lunches and happy hours, wellness p
Ready to apply to Pindropsecurity?
Apply in about a minuteSimilar jobs
- Senior Security Engineer, Red Team — Doordashusa · Remote
- Senior / Staff Security Engineer, Red Team — Radar · New York
- AI Red Team Security Engineer — Ethoslife · Remote
- Senior Red Team Engineer — Snowflake · Remote
- Senior Security Engineer — Cision · Remote
- Senior Security Engineer — Youcom · San Francisco (Hybrid)
- Senior Security Engineer — Overstory · Remote
- Senior Security Engineer — Decagon · San Francisco
More like this: Security & Cybersecurity Jobs · Remote Security & Cybersecurity Jobs · Browse all jobs