info_outline
X Note: By applying to this position you will have an opportunity to share your preferred working location from the following:
Mountain View, CA, USA; New York, NY, USA; Zürich, Switzerland.
Minimum qualifications: - Bachelor's degree in Computer Science, Information Security, or equivalent practical experience.
- 5 years of experience in Red Teaming, Offensive Security, or Adversarial Machine Learning.
- Experience with Large Language Model (LLM) architectures, agentic workflows (e.g., chain-of-thought reasoning), and AI vulnerability classes.
- Experience developing exploits for GenAI models (e.g., prompt injection, adversarial examples, training data extraction).
Preferred qualifications: - Experience working in a consulting capacity with product teams or in a fast-paced "startup-like" environment.
- Familiarity with AI safety benchmarks, evaluation frameworks, and fuzzing techniques.
- Ability to translate complex probabilistic risks into actionable engineering fixes for developers.
- Excellent coding skills in Python, Go, or C with experience building security tools or automation.
About the jobAs a part of the Agentic Red Team, you will be a specialized, high-velocity unit within DeepMind Security. Your mission is to close the Agentic Launch Gap-the critical window where novel AI capabilities outpace traditional security reviews.
As a Senior Security Engineer on the Agentic Red Team, you will be the primary technical executor of adversarial engagements. You will work with product builders, identifying architectural flaws during the design phase long before formal reviews begin.
Your core focus will be to perform multi-turn attacks on production-level AI models, specifically targeting agentic behaviors like tool usage and reasoning chains. You will not only find vulnerabilities but also help close the loop by contributing to Auto Red teaming frameworks and defensive strategies, ensuring that your findings are codified into reusable guardrails for all Google agent developers.
US: $174000 - $253000 (USD) 15% bonus target equity benefits
Learn more about benefits at Google .
Responsibilities - Conduct rapid, high-impact security assessments on agentic services, focusing on vulnerabilities unique to Generative AI such as prompt injection, tool-use escalation, and autonomous lateral movement.
- Engineer and execute attack sequences that exploit non-deterministic model behaviors, agentic logic errors, and data poisoning vectors.
- Write code to transform manual vulnerability discoveries into automated regression testing frameworks ("Auto Red Teaming") that prevent regression in future model versions.
- Partner directly with developers during the design and build phases to provide immediate feedback, effectively shortening the feedback loop between offensive findings and defensive engineering.
- Maintain and expand a library of agent-specific attack patterns and exploit primitives to establish release criteria for new models.