Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!
Qualys is a leading provider of cloud-based security and compliance solutions, processing vast amounts of data to help our global customers secure their networks, devices, and applications. With a strong focus on innovation and scale, Qualys empowers organizations to achieve continuous security and compliance through real-time visibility and analytics. As we continue to grow, we are looking for passionate and skilled professionals to join our mission in redefining the future of cybersecurity.
We are seeking an experienced and curious AI Security Researcher to explore and uncover vulnerabilities at the intersection of artificial intelligence, machine learning, and cybersecurity. You will play a critical role in identifying risks in LLM-powered systems, adversarial inputs, model manipulation techniques, prompt injection exploits, and other emerging AI threats.
This role is perfect for someone who has a strong background in security research, a deep understanding of AI/ML systems and architectures, and a passion for red teaming, adversarial testing, and threat modeling in AI contexts.
Conduct in-depth research on security vulnerabilities in LLMs and AI systems, including prompt injection, jailbreaks, data leakage, and adversarial attacks.
5+ years of experience in security research, penetration testing, or exploit development, with a focus on application or cloud security.
Strong working knowledge of machine learning and LLM architectures (e.g., transformers, embeddings, fine-tuning, RAG).
Familiarity with GenAI-specific risks such as prompt injection, model evasion, hallucination-based exploits, data leakage, or model theft.
Hands-on understanding of LLM deployment scenarios (e.g., OpenAI, HuggingFace, custom-hosted models) and threat surfaces involved.
Ability to analyze logs, API interactions, inference responses, and prompt chains to identify anomalous or risky behavior.
Knowledge of vector database risks, insecure RAG pipelines, model fingerprinting, and AI model supply chain attacks.
Experience using or contributing to tools like LangChain, AutoGen, Guardrails.ai, LLM Guard, or Tracer.
Publications or presentations in conferences like Black Hat, DEF CON, USENIX, NeurIPS, or OWASP.
Familiarity with Secure SDLC, threat modeling frameworks (e.g., STRIDE, MITRE ATLAS), and AI-specific security checklists.
Competitive Compensation: We offer a comprehensive benefits package, including healthcare, retirement plans, and more.