Senior Security Consultant (AI/ML Penetration Testing)

Job Category: Services

Requisition Number: SENIO001554

• Posted: April 11, 2025
• Full-Time
• Remote

Remote - US

NetSPI is the proactive security solution used to discover, prioritize, and remediate security vulnerabilities of the highest importance, so businesses can protect what matters most. NetSPI secures the most trusted brands on Earth through Penetration Testing as a Service (PTaaS), External Attack Surface Management (EASM), Cyber Asset Attack Surface Management (CAASM), and Breach and Attack Simulation (BAS). Leveraging a unique combination of dedicated security experts, intelligent processes, and advanced technology, NetSPI brings a proactive approach to cybersecurity with more clarity, speed, and scale than ever before.

NetSPI is on an exciting growth journey as we disrupt and improve the proactive security market. We are looking for individuals with a collaborative, innovative, and customer-first mindset to join our team. Learn more about our award-winning workplace culture and get to know our A-Team at www.netspi.com/careers.

Responsibilities:

• Conduct in-depth penetration testing on AI/ML systems, web applications, and APIs.
• Design and execute advanced adversarial testing (e.g., evasion, data poisoning, model extraction, inversion/inference) to expose vulnerabilities in AI/ML pipelines and architectures.
• Provide oversight to peers executing on AI/ML and web application pentesting engagements.
• Present comprehensive penetration test findings to clients while emphasizing AI/ML risks, and collaborate on remediation strategies with model hardening, adversarial training, and threat mitigation.
• Help author tools, presentations, white papers, and blog posts to share insights on AI/ML security best practices and emerging attack trends with the broader cybersecurity community.
• Maintain consistency with other internal requirements related to day-to-day administration tasks (submitting time sheets, daily status updates to clients, etc.)

Minimum Qualifications:

• Bachelor’s degree or higher, preferably in Computer Science, Data Science, Engineering, Mathematics, IT, or a related field; equivalent experience will also be considered.
• Minimum 3-5 years of hands-on penetration testing experience, demonstrating a track record of successful assessments and threat reporting.
• Proficiency in using and customizing offensive toolkits for network, application, and AI/ML penetration testing.
• Thorough understanding of how major ML frameworks (e.g., Tensorflow, PyTorch) are implemented in real-world training and deployment pipelines.
• Understanding of how to deploy AI/ML models with LangChain, including secure configuration of data flows, environment isolation, and integration with production systems.
• Understanding of Adversarial Machine Learning and its practical applications.
• Proficiency in Linux and/or Windows environments.
• Expertise in Python programming.
• Experience mentoring or coaching growing team members, while sharing knowledge externally through blogs, hosting webinars, or presenting at conferences.
• Willingness to travel up to 5-10%, depending on applicable skillset.
• This position requires an 8-hour workday, with occasional evenings or weekends necessary to meet project deadlines or critical needs.

Preferred Qualifications:

• Comprehensive knowledge of secure AI/ML development protocols and architecture.
• Strong problem-solving skills and the ability to think like both an attacker and a defender.
• A continuous learning mindset to keep up to date with the rapidly evolving AI/ML and cybersecurity landscapes.
• Excellent teamwork and communication skills, with the ability to explain complex security concepts to non-technical stakeholders.
• Experience with model interpretability and explainability tools to understand model behavior and potential biases.
• Experience in ML model development, feature engineering, and data pre-processing.

We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law.