Analyst - AI Penetration Tester

Job Description

When you join Verizon

Verizon is one of the world’s leading providers of technology and communications services, transforming the way we connect around the world. We’re a human network that reaches across the globe and works behind the scenes. We anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together—lifting up our communities and striving to make an impact to move the world forward. If you’re fueled by purpose, and powered by persistence, explore a career with us. Here, you’ll discover the rigor it takes to make a difference and the fulfillment that comes with living the #NetworkLife.

What you’ll be doing…

The mission of Readiness and Proactive Security (RPS) is to ensure Verizon is resilient to attacks against our people, process, and technology. RPS focuses on testing, measuring, and improving Verizon’s capabilities to prevent, detect, and respond to a cyber attack. RPS proactively scans, identifies, validates, exploits, and ensures remediation of vulnerabilities in our technology products through Enterprise Vulnerability Management (EVM) and Enterprise Penetration Testing. Our Enterprise Red Team and dedicated Purple Team focus on ensuring Verizon is ready and resilient to attacks from threat actors by testing our detection and response.

The AI Penetration Tester is responsible for all aspects of AI penetration testing work performed by the team as part of RPS Enterprise Penetration Testing team. The core mission of the team is to assess the implementation of AI, ML, LLM, GenAI against attacks, identify vulnerabilities and provide recommendations. You will be part of an internal security team focused on the infrastructure used to support a world-class network. You will be challenged to learn new concepts on each assessment.

• Performing technical research including analysis of current attack and safety trends and solutions to evaluate, detect and mitigate risk in AI implementations

• Performing technical assessment of AI products, models and applications and assisting risk management, AI development, engineering, and data science teams to identify the best technical mitigations to identified risks

• Designing, prototyping, and implementing comprehensive adversarial testing strategies, including automated and manual adversarial testing approaches

• Researching adversarial testing best practices and educate peers to participate effectively in the process of securing AI/ML use

• Collaborating with cross-functional teams to build adversarial testing frameworks into the AI lifecycle

• Contributing to the development or selection of testing tools, guardrails, and other proactive measures to test, prevent and mitigate risks posed by bad actors

• Contributing to and maintain an adversarial testing repository of reusable code modules and libraries to streamline security processes

• Participating in scoping, documenting, and executing tests for technical vulnerabilities, model vulnerabilities, and systems abuse including but not limited to inaccuracy and other breaches of alignment.

• Communicating clearly with all stakeholders to ensure a successful penetration test

• Driving the mindset of ownership and continuous improvement – drive positive change on the team through proactive work.

• Providing thought leadership – identify areas where security can be improved at Verizon and support actions to achieve those goals.

What we’re looking for…

You'll need to have:

• Bachelor's degree OR four or more years of work experience.

• Four or more years of relevant work experience in offensive security (e.g. penetration testing).

• Understanding/knowledge of OWASP TOP 10 for LLM applications and/or MITRE ATLAS

• Understanding of the full machine learning lifecycle, including management and maintenance of model files, agentic implementations, prompt engineering, benchmarking, and adversarial robustness testing methodologies.

• Experience in penetration testing cloud and network infrastructure, web apps, and/or bug bounty programs

• Experience with complex enterprise networks –architecture and equipment.

• Linux and Windows system administration experience.

• Strong knowledge of tools used for web application, AI/ML, and network security testing, such as Burp Suite, Kali Linux, Metasploit, Postmate, Garak, and/or PyRIT

• Experience with Cloud security and technologies for containers and virtual machines.

• Programming and scripting languages – one or more of the following: Python, Javascript, Java, PowerShell, PHP, C, C#, Ruby, bash.

Even better if you have:

• Experience with machine learning including but not limited to Data Preparation, Model Engineering, Model Evaluation, Model Deployment, Monitoring and Maintenance, transformers and multi-modal models.

• Familiarity and hands on experience with model attack methodologies including jailbreak, model inversion, and research into evolving attacks against AI/ML systems.

• Ability to communicate technical issues to a range of audiences.

• Solid organizational skills that support efficient completion of complex projects with multiple stakeholders.

• Advanced certifications from Offensive Security (OSWE, OSCE, OSED, etc) or similar industry recognized practical certifications.

• Experience developing, extending, or modifying exploits, shellcode or exploit tools.

• Website or application development experience.

• Automation experience.

• Experience with source code review for control flow and security flaws.

If Verizon and this role sound like a fit for you, we encourage you to apply even if you don’t meet every “even better” qualification listed above.

Where you'll be working

In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager.

Equal Employment Opportunity

We’re proud to be an equal opportunity employer - and celebrate our employees’ differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best. Check out our diversity and inclusion page to learn more.

Where you’ll be working

In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager.

Where you’ll be working

In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager.

Scheduled Weekly Hours

40

Diversity and Inclusion

We’re proud to be an equal opportunity employer. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best. Check out our diversity and inclusion page to learn more.