Senior Security Engineer (AI & Agentic Systems)

Uber
New York, NY, USA / San Francisco, CA, USA / Seattle, WA, USA2026-01-20

About the job

As AI systems—especially agentic and autonomous AI—become deeply embedded in our products and internal platforms, the security model must evolve. Traditional application security alone is no longer sufficient. We are looking for a Senior AI Red Team Engineer to help us proactively identify, understand, and mitigate AI-native and agent-specific security risks before they reach production.

Responsibilities

Design and execute AI red-teaming exercises against LLMs and AI agents, including:

1. prompt injection (direct & indirect)

2. jailbreaking and policy bypass

3. model and tool poisoning

4. memory and context poisoning

5. behavioral drift and unsafe autonomy

6. tool misuse and emergent privilege escalation

Analyze agent workflows, logic, and tool graphs to identify systemic security weaknesses beyond prompt-level attacks.

Develop reusable adversarial test cases, attack libraries, and red-team playbooks for AI systems.

Collaborate with AI platform and product teams to translate red-team findings into actionable mitigations, guardrails, and design changes.

Partner with broader security teams (AppSec, InfraSec, Privacy, Risk) to integrate AI red teaming into the SDLC and launch gates.

Contribute to AI security strategy, helping define how we evaluate and secure agentic systems at scale.

Stay ahead of emerging AI threats, tracking industry research, incidents, and attack techniques relevant to AI and autonomous systems.

Qualifications

Minimum

1. 4+ years of experience in security engineering, offensive security, or red teaming

2. Hands-on experience red-teaming AI models or AI agents, including testing for prompt injection, jailbreaks, unsafe behavior, Excessive agency, Model DoS.

3. Familiarity with AI production patterns such as ReAct, tool use, multi-agent orchestration

4. Strong understanding of security fundamentals (threat modeling, secure design, least privilege, defense in depth).

5. Experience analyzing complex systems and reasoning about unintended behavior and emergent risk.

6. Ability to clearly document findings and communicate risk to both technical and non-technical stakeholders

7. Proficiency in at least one programming language (e.g., Python, Go, Java, or similar)

Preferred

1. Familiarity with AI security tools and frameworks (e.g., PyRIT, AgentDojo, Promptfoo, custom harnesses).

2. Strong understanding of GenAI and LLM architectures, including: embeddings, RAG, or agent frameworks.

3. Hands-on experience building or operating AI agents, including tool calling, memory, or workflow orchestration.

4. Offensive security / penetration testing background (e.g., red team, bug bounty, exploit development).

5. Active on HackerOne, Bugcrowd, Synack