security engineer
генерация резюме под вакансию
сопроводительное письмо
описание
EPAM provides digital platform engineering and software development services.
задачи
- Execute Direct and Indirect Prompt Injection attacks and jailbreaking techniques including multi-turn and roleplay scenarios to test LLM guardrails;
- Identify vulnerabilities related to model behavior manipulation and potential data leakage;
- Apply MITRE ATLAS and OWASP Top 10 for LLMs frameworks to structure adversarial testing methodologies;
- Test Retrieval-Augmented Generation pipelines for data poisoning vulnerabilities;
- Validate Agentic workflows against tool-use manipulation, goal hijacking and unauthorized permission escalation;
- Develop and script custom boundary-testing payloads using Python;
- Leverage AI red teaming and evaluation frameworks to assess model safety and resilience;
- Document findings and provide remediation guidance to engineering teams;
- Collaborate with cross-functional teams to strengthen defenses across AI systems.
требования
- 5+ Years of experience in adversarial AI testing including Direct and Indirect Prompt Injection, Jailbreaking and model behavior manipulation;
- Familiarity with MITRE ATLAS, MITRE ATT&CK and OWASP Top 10 for LLMs frameworks;
- Experience testing RAG pipelines for data poisoning and validating Agentic workflows against tool-use manipulation and goal hijacking;
- Proficiency in AI red teaming tools such as PyRIT, GARAK and Giskard or enterprise suites like Confident AI or Repello;
- Understanding of LLM fundamentals including tokens, embeddings and context windows;
- Skills in Python programming for scripting custom boundary-testing payloads;
- Knowledge of LLM security, Prompt Engineering and Security practices;
- Background in Multi-Agent Systems Evaluation and Testing;
- English proficiency at B2 level or higher;
- Nice to have: Expertise in AI Solution Engineering, Knowledge of Machine Learning.
условия
- No conditions specified
навыки
Если просят войти через iCloud, отправить коды из SMS, запустить код, что-то установить, перевести деньги или сделать что угодно, связанное с деньгами, не соглашайтесь: это признаки мошенничества.