Remote Cybersecurity Expert – Advanced AI Evaluation

About the role

We are seeking a Remote Cybersecurity Expert to design and develop advanced evaluation tasks for frontier AI models. You will create realistic, adversarial security scenarios that test AI’s ability to understand code, detect vulnerabilities, and reason about complex software security problems.

Key responsibilities

• Design and develop multi‑vulnerability codebases across languages such as Go, Python, Node.js, or Rust.
• Create multi‑stage attack chains by combining multiple vulnerability classes into realistic exploit scenarios.
• Build deterministic evaluation frameworks using containerized environments and automated verification systems.
• Write security test cases and exploit checks to ensure vulnerabilities are properly detected and mitigated.
• Analyze AI model outputs and reasoning traces to identify failure points in security understanding.
• Craft adversarial scenarios including misleading documentation, obfuscated code, and edge‑case logic.
• Balance real‑world CVE‑based scenarios with synthetic vulnerability classes to ensure robust evaluation.
• Ensure evaluation tasks are reproducible, scalable, and resistant to data contamination.

Required profile

• 4+ years of experience in cybersecurity, application security, or vulnerability research.
• Hands‑on experience with vulnerability discovery (CVE exposure, bug bounty, red teaming, or CTFs) and secure code review.
• Deep understanding of web security (authentication, sessions, OAuth, JWT), SSRF, injection attacks, cryptographic vulnerabilities, and filesystem attacks.
• Experience building or using security tools such as SAST, fuzzing, or IAST.
• Proficiency in at least one of the following languages: Go, Python, Node.js, or Rust.
• Familiarity with Docker, containerized environments, Linux internals, and writing automated tests (e.g., pytest).

Required skills

• Go
• Python
• Node.js
• Rust
• Docker
• Linux
• SAST
• Fuzzing
• IAST
• Web security (OAuth, JWT)
• SSRF
• Injection attacks
• Cryptographic attack techniques
• Filesystem vulnerability techniques
• Automated testing frameworks (e.g., pytest)