Senior AI Security Content Engineer (Fixed Term)
Role details
Job location
Tech stack
Job description
- Research, design, and develop comprehensive AI security labs for TryHackMe, creating realistic attack/defence scenarios (prompt injection, model exfiltration, adversarial inputs, supply chain attacks) and immersive learning experiences that cover AI vulnerabilities, attack vectors, impacts, and mitigation strategies
- Draw on your hands-on cybersecurity background to ensure all AI security content is grounded in real-world defensive practices and threat landscapes
- Collaborate with the Content Engineering Team to align AI-focused content with TryHackMe's learning pathways
- Translate cutting-edge AI security research and real-world incidents into interactive, practical learning experiences
- Stay current with the evolving AI threat landscape and update content to reflect new attack techniques and defences
- Contribute to the content roadmap for AI and emerging technology tracks
- Serve as a subject matter expert across both cybersecurity and AI security, mentoring other content engineers and elevating the quality and accuracy of content across the team
- Excel at sharing AI security expertise (and any other relevant expertise) with team members, translating technical research into actionable insights
Requirements
The ideal candidate brings proven, hands-on cybersecurity experience - you've worked in the trenches of blue team operations, security engineering, incident response or in the realms of offensive security or cloud security - and you have a strong working knowledge of AI/ML systems, their architectures, and the unique security challenges that arise when integrating them into existing organisational infrastructure. You understand both the cybersecurity fundamentals and the AI landscape well enough to teach others how to defend at the intersection of the two.
To be considered for this opportunity, you must have at least 5+ years of hands-on cybersecurity experience in roles such as:
- Security Engineer, SOC Analyst, Threat Hunter, Incident Responder, or Penetration Tester
In addition, you must demonstrate practical knowledge of AI/ML systems and their security implications, gained through professional experience, personal projects, or research - including hands-on exposure to AI model deployment, MLOps pipelines, or cloud-based AI environments (Azure, AWS, GCP).
Mandatory cybersecurity skills - you must be able to demonstrate:
- Deep, hands-on experience with defensive/offensive security fundamentals: threat detection, incident response, log analysis, digital forensics, security monitoring, penetration testing, etc;
- Proficiency with core security tools and frameworks (SIEM, EDR, IDS/IPS, MITRE ATT&CK, or similar)
- Strong understanding of network security, endpoint security, and cloud security principles
- Proven ability to investigate, analyse, and respond to real-world security incidents
Mandatory AI/ML security skills - you must also demonstrate:
- Solid grasp of AI/ML system architectures, data pipelines, and attack surfaces (model poisoning, data leakage, prompt injection, adversarial attacks, etc.)
- Ability to analyse and articulate AI system vulnerabilities, their potential impact, and available mitigation strategies
- Familiarity with AI/LLM security frameworks, such as:
- OWASP Top 10 for LLMs
- MITRE ATLAS
- NIST AI Risk Management Framework
- AI/ML Supply Chain Security (e.g., model provenance, dataset integrity)
- Hands-on skills with AI security tools (such as Garak, MLflow) and Python ML/AI libraries (TensorFlow, PyTorch, Hugging Face, etc.)
- Hands-on experience with creating AI agents - especially in the cyber field!
You should also bring:
- Excellent technical writing and communication skills, capable of translating complex AI security concepts into engaging, digestible learning material
- Ability to research and synthesise emerging AI security threats and defensive techniques
- Understanding of AI governance, model interpretability, and security best practices, * Experience building or evaluating LLM-based applications (e.g., LangChain, OpenAI API, Azure OpenAI, or Hugging Face)
- Familiarity with AI red teaming and adversarial testing
- Programming experience with Python, PowerShell, or Bash
- Experience with AI model testing, validation, or security assessment
- Understanding of MLOps security and CI/CD pipeline hardening
- Background in CTF challenge design or gamified cybersecurity content
- Previous experience creating technical training content or educational materials
- Security Certifications / AI certifications are a nice-to-have
- Experience working with or defending cloud-native AI infrastructure (e.g., Azure AI, AWS SageMaker, GCP Vertex AI)
100% Remote - In a fully digital world, work from anywhere you want!
Benefits & conditions
Flexi Time - Choose your own hours as long as you have at least 4 hours of overlap with the UK timezone (from 8am - 6pm)
Tools - a dedicated work laptop + any accessories you need to do your best work.
Swag Pack - start your TryHackMe journey with a branded swag bundle!
Personal Development - £2,500 training budget to acquire certifications, and more.
️ Company Retreat - an annual company retreat, fully paid for by us!
Lunch on us - whether you're a pizza-lover, salad obsessed or a big sushi fan, TryHackMe will cover the cost of your lunch order during our recurring company virtual lunches.
Health Insurance - if you're in a country that doesn't have public health care.
Enhanced Maternity & Paternity - an enhanced package on top of statutory requirements.