Senior Security Engineer, Agentic Red Team, DeepMind

Google · Big Tech · Mountain View, CA +3

Senior Security Engineer focused on red teaming AI agents, identifying vulnerabilities in agentic behaviors like tool usage and reasoning chains, and developing automated testing frameworks and guardrails for production-level AI models.

What you'd actually do

  1. Conduct rapid, high-impact security assessments on agentic services, focusing on vulnerabilities unique to Generative AI such as prompt injection, tool-use escalation, and autonomous lateral movement.
  2. Engineer and execute attack sequences that exploit non-deterministic model behaviors, agentic logic errors, and data poisoning vectors.
  3. Write code to transform manual vulnerability discoveries into automated regression testing frameworks ("Auto Red Teaming") that prevent regression in future model versions.
  4. Partner directly with developers during the design and build phases to provide immediate feedback, effectively shortening the feedback loop between offensive findings and defensive engineering.
  5. Maintain and expand a library of agent-specific attack patterns and exploit primitives to establish release criteria for new models.

Skills

Required

  • Red Teaming
  • Offensive Security
  • Adversarial Machine Learning
  • Large Language Model (LLM) architectures
  • agentic workflows
  • AI vulnerability classes
  • developing exploits for GenAI models
  • Python
  • Go
  • C++

Nice to have

  • working in a consulting capacity with product teams
  • fast-paced "startup-like" environment
  • AI safety benchmarks
  • evaluation frameworks
  • fuzzing techniques
  • translate complex probabilistic risks into actionable engineering fixes
  • building security tools or automation

What the JD emphasized

  • Agentic Launch Gap
  • multi-turn attacks on production-level AI models
  • agentic behaviors like tool usage and reasoning chains
  • Auto Red Teaming frameworks
  • defensive strategies
  • guardrails
  • Large Language Model (LLM) architectures
  • agentic workflows
  • AI vulnerability classes
  • exploits for GenAI models

Other signals

  • security assessments on agentic services
  • exploiting non-deterministic model behaviors
  • Auto Red Teaming frameworks
  • AI safety benchmarks
  • agentic behaviors like tool usage and reasoning chains