We're a team of scientists, engineers, and machine learning experts working together to advance the state of the art in artificial intelligence. Our mission is to close the 'Agentic Launch Gap'; the critical window where novel AI capabilities outpace traditional security reviews.

As the Security Lead for the Agentic Red Team, you will direct a specialized unit of AI Researchers and Offensive Security Engineers focused on adversarial AI and agentic exploitation. Operating as a technical player-coach, you will architect complex, multi-turn attack scenarios while managing cross-functional partnerships with Product Area leads and Google security to influence launch criteria.

Key Responsibilities:

• Direct Agile Offensive Security: Lead a specialized red team focused on rapid, high-impact engagements targeting production-level AI models and systems.
• Perform Complex AI Exploitation: Develop and carry out advanced attack sequences that focus on vulnerabilities unique to GenAI, such as escalating privileges through tool usage, poisoning data, and executing multi-turn prompt injections.
• Design Automated Validation Systems: Collaborate with Google teams to engineer 'Auto RedTeaming' solutions that transform manual vulnerability discoveries into robust, automated regression testing frameworks.
• Engineer Technical Countermeasures: Create innovative defense-in-depth frameworks and control systems to mitigate agentic logic errors and non-deterministic model behaviors.
• Manage Threat Intelligence Assets: Develop and oversee an evolving inventory of exploit primitives and agent-specific attack patterns used to establish release criteria and evaluate model security benchmarks.
• Establish Security Scope: Collaborate with Google for conventional infrastructure protection, allowing the team to concentrate solely on agentic logic, model inference, and AI-centric exploits.

About You:

• Bachelor's degree in Computer Science, Information Security, or equivalent practical experience.
• Experience in Red Teaming, Offensive Security, or Adversarial Machine Learning.
• Deep technical understanding of LLM architectures and agentic workflows (e.g., chain-of-thought reasoning, tool usage).
• Proven ability to work in a consulting capacity with product teams, driving security improvements in fast-paced release cycles.
• Experience managing or technically leading small, high-performance engineering teams.

In addition, the following would be an advantage:

• Hands-on experience developing exploits for GenAI models (e.g., prompt injection, adversarial examples, training data extraction).
• Familiarity with AI safety benchmarks and evaluation frameworks.
• Experience writing code (Python, Go, or C++) to build automated security tools or fuzzers.
• Ability to communicate complex probabilistic risks to executive stakeholders and engineering teams effectively.

The US base salary range for this full-time position is between $248,000 - $349,000 + bonus + equity + benefits.

XML job scraping automation by YubHub

We're a team of scientists, engineers, machine learning experts, and more, working together to advance the state of the art in artificial intelligence.

About Us The Agentic Red Team is a specialized, high-velocity unit within Google DeepMind Security. Our mission is to close the 'Agentic Launch Gap',the critical window where novel AI capabilities outpace traditional security reviews.

The Role As a Senior Security Engineer on the Agentic Red Team, you will be the primary technical executor of our adversarial engagements. You will work 'in the room' with product builders, identifying architectural flaws during the design phase long before formal reviews begin.

Key Responsibilities:

• Execute Agile Red Teaming: Conduct rapid, high-impact security assessments on agentic services, focusing on vulnerabilities unique to GenAI such as prompt injection, tool-use escalation, and autonomous lateral movement.
• Develop Advanced Exploits: Engineer and execute complex attack sequences that exploit non-deterministic model behaviors, agentic logic errors, and data poisoning vectors.
• Build Automated Defenses: Write code to transform manual vulnerability discoveries into automated regression testing frameworks ('Auto Red Teaming') that prevent regression in future model versions.
• Embed with Product Teams: Partner directly with developers during the design and build phases to provide immediate feedback, effectively shortening the feedback loop between offensive findings and defensive engineering.
• Curate Threat Intelligence: Maintain and expand a library of agent-specific attack patterns and exploit primitives to establish robust release criteria for new models.

About You In order to set you up for success as a Software Engineer at Google DeepMind, we look for the following skills and experience:

• Bachelor's degree in Computer Science, Information Security, or equivalent practical experience.
• Experience in Red Teaming, Offensive Security, or Adversarial Machine Learning.
• Strong coding skills in Python, Go, or C++ with experience building security tools or automation.
• Technical understanding of LLM architectures, agentic workflows (e.g., chain-of-thought reasoning), and common AI vulnerability classes.

Preferred Qualifications

• Hands-on experience developing exploits for GenAI models (e.g., prompt injection, adversarial examples, training data extraction).
• Experience working in a consulting capacity with product teams or in a fast-paced 'startup-like' environment.
• Familiarity with AI safety benchmarks, evaluation frameworks, and fuzzing techniques.
• Ability to translate complex probabilistic risks into actionable engineering fixes for developers.

Salary & Benefits The US base salary range for this full-time position is between $166,000 - $244,000 + bonus + equity + benefits.

XML job scraping automation by YubHub