Adversarial AI Offensive Security Analyst

The Adversarial AI Offensive Security Analyst, Senior Specialst is a senior individual contributor role on the Offensive Security & Fraud Testing (OSFT) team. The mission of this role is to harness AI and automation as force multipliers for red teaming and penetration testing at scale, emulating advanced adversaries from reconnaissance through exploitation. Unlike roles focused on testing AI systems, this position uses AI to enhance offensive security operations, enabling broader, faster, and more sophisticated attack simulations that challenge our defenses and fraud controls.

ERO is seeking an experienced Offensive Security professional to lead cutting-edge AI-augmented red team engagements. As an Adversarial AI Offensive Security Analyst, you will blend traditional penetration testing expertise with innovative use of AI/LLMs and automation. You'll develop and utilize custom tools (including integrating Model Context Protocol (MCP) or similar AI-agent frameworks) to amplify offensive operations. Your work directly strengthens our security by simulating AI-powered threat actors at scale and driving improvements across cyber defenses and fraud detection.

• Plan & Execute AI-Enhanced Attacks: Lead red team operations and penetration tests that incorporate LLM-driven techniques and agentic automation to simulate sophisticated adversaries at scale. Maintain human-in-the-loop oversight to ensure safe, controlled execution. [
• Custom Tooling & Automation: Design or integrate custom offensive tools and scripts that use AI/ML (e.g. LLM APIs, automation frameworks) to accelerate vulnerability discovery, exploit development, and testing workflows. For example, develop internal frameworks that interface LLMs with red team C2 platforms (like MythicMCP, SliverMCP) to enable autonomous or semi-autonomous operations.
• Adversarial Simulation & Fraud Testing: Conduct adversarial exercises targeting both technical systems and fraud controls, using AI to emulate how attackers might abuse scale and automation. Work with fraud risk teams to simulate large-scale abuse scenarios (bots, deepfakes, automated scams) using AI capabilities.
• Collaboration & Purple Teaming: Partner closely with blue teams (SOC, Detection Engineering) and fraud prevention teams to share insights from AI-augmented tests. Help validate and improve detection and response for AI-driven attack techniques through joint purple team exercises.
• Reporting & Knowledge Sharing: Document attack scenarios, findings, and mitigations in clear reports. Present results and risk insights to both technical staff and executives, translating complex AI-augmented attack methods into actionable defense improvements. Mentor colleagues in adopting AI-assisted tools and foster a culture of innovation in the team.

• Offensive Security Expertise: 5-7+ years of hands-on experience in penetration testing, red teaming, or adversary simulation with a strong track record. Deep understanding of network/web application security, exploitation techniques, and attacker TTPs (MITRE ATT&CK).
• AI & Automation Skills: Proven experience leveraging AI/ML or automation in cybersecurity (e.g. using LLM APIs, scripting against AI services, building security chatbots or automation pipelines). Ability to craft effective prompts and interpret LLM outputs. Familiarity with integrating AI into tools or workflows (experience with frameworks like Model Context Protocol (MCP) servers is a strong plus).
• Programming & Tool Development: Proficiency in Python or similar languages for developing custom tools, automation scripts, and integrating APIs. Experience building or extending offensive toolsets (C2 frameworks, scanners, exploit scripts) to adapt to new needs.
• Security Certifications & Education: Bachelor's degree in computer science, engineering, or equivalent experience. Industry certifications such as OSCP, CRTE or similar are preferred, demonstrating advanced offensive skills.
• Innovative & Collaborative Mindset: Demonstrated creative problem-solving ability and adaptability. Eagerness to continuously research emerging AI-enabled attack techniques and proactively share knowledge. Strong collaboration skills to work with cross-functional teams and communicate complex concepts clearly.

• Experience with AI agent frameworks or autonomous red teaming tools (e.g. experimenting with LLM agents for recon/exploitation).
• Knowledge of adversarial machine learning concepts or AI model vulnerabilities (prompt injection, data poisoning) - not the focus of this role, but indicative of a broad security mindset.
• Prior experience in fraud testing/abuse simulations or social engineering engagements, especially using deepfakes or automated bots.
• DevOps/cloud knowledge (CI/CD pipelines, AWS/Azure) and how AI can target cloud or supply chain environments.