Introduction
At IBM, work is more than a job – it’s a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you’ve never thought possible. Are you ready to lead in this new era of technology and solve some of the world’s most challenging problems? If so, lets talk.

Your Role and Responsibilities
At IBM, we help defenders continuously assess their real-world security. Our Adversary Services offering provides an experience designed to mirror today’s advanced adversaries, not yesterday’s threats. We partner with security teams to help them understand the art of the possible by delivering an unrivaled attack experience, at scale.

As an Offensive AI Researcher & Tester within IBM’s X-Force Adversary Services team you’ll both test AI systems as well as leverage AI with cutting-edge X-Force methodologies and sophisticated capabilities to keep X-Force on the bleeding edge of red teaming innovation. You’ll be responsible for inventing clever ways of utilizing AI for breaching customer networks and bypassing security controls, while working side by side with our offensive engineers, researchers, and developers to drive those innovations throughout our toolset and across our customers.

Simulating sophisticated threat actors takes industry leading offensive research, advanced capabilities, and mature methodology. We believe offensive AI research is essential for both simulating various sophistication levels of threat actors and enabling defenders to better understand, defend, and respond to attacks. IBM’s X-Force Adversary Services team is considered one of the top teams in the industry because we leverage Continuous Capability Development and Delivery (C2D2) to drive research, new tools, and develop mature Standard Operation Procedures (SOPs) and to ensure all operators are delivering red team exercises to the highest technical standards. We leverage automation and AI in targeting, tasking, and analysis to free up our human operators to solve the more interesting challenges for hacking the world’s largest banks, defense contractors, and critical industries.

We are looking for individuals that are driven, proactive, thorough, and forward looking, and most of all, know what’s needed to be part of an effective team.

Responsibilities of the Role:
• Solving problems that do not have known solutions
• Help develop methodologies for offensive AI design, implementation, and testing
• Help develop offensive AI tooling and frameworks
• Help develop and prototype novel AI capabilities and techniques
• Researching threats, vulnerabilities, and exploit techniques within AI technologies
• Incorporate feedback loops with peers on AI research and tooling
• Provide guidance and offense-related insights throughout IBM on AI technologies

HHM24

Required Technical and Professional Expertise
Experience attacking AI systems:

• Experience with Model Evasion, Extraction, Inversion, Poisoning attacks as well as LLM Prompt Injection
• Attacking RAG interfaces, deployment orchestrators, and integrations with associated XaaS platform infrastructure
• Application security testing experience

Offensive use of AI agents and workflows:

• Experience evaluating AI models and creating test harnesses for offensive use
• Experience with iterative multi-stage offensive tasking and targeting workflows leveraging DAG or similar
• Demonstrated experience using and creating offensive agents which support shifting towards a Human-on-the-Loop approach for offensive tasks that are good candidates for automation
• 5+ years of adversary tradecraft industry experience
• Experience with training, testing, and optimizing machine learning models using frameworks such as Optuna or otherwise

Development experience:

• 5+ years coding in two or more programming languages (Python, C#, C/C++, Assembly, Rust)
• Knowledgeable of the phases of software development, from gathering requirements to deployment (SDLC)
• Experience with enterprise data lakes, relational/vector databases, complex data structures and data analysis tools, offensive data schema development and format conversations
• Proficient in debugging (gdb, WinDbg)
• Binary analysis using a reverse engineering platform like IDA, Ghidra, or Binary Ninja
• Experience using and validating AI-as-a-Service platforms such as with AI platforms such as Amazon SageMaker, Azure ML, BigML, Watsonx.ai
• Knowledgeable of Continuous Integration/Continuous Deployment (CI/CD) pipelines that automate testing and deployment (Azure DevOps, TeamCity, Jenkins)
• Knowledgeable of Infrastructure as Code (IaC) (Terraform, Ansible)
• Knowledgeable of scalable system design and architecture
• Knowledgeable of version control systems, such as Git

Preferred Technical and Professional Expertise

• BA/BS in an Infosec related major or commensurate practical experience
• History of developing open-source software for the security community
• History of presenting at security conferences
• Experience with Adversarial Robustness Toolbox, TextAttack, Augly, etc.
• Track record in vulnerability research and CVE assignments related adversarial ML
• Experience performing Adversary Simulation engagements against hardened and restricted environments
• Experience supporting Red Team Operators through development of tooling
• Knowledge of Windows internals
• Knowledge of EDR detection capabilities and associated evasion techniques for behavioral based alerting
• Experience with network protocols and packet capture
• Demonstrated exploit, payload, or attack framework development experience
• Knowledge of Linux internals, Active Directory, Mac, Windows workstations and servers
• Relevant certifications from organizations like Offensive Security’s OSCE, SANS’ GXPN, or CREST’s CSAT/CSAM or demonstrable equivalent skills
• Prior security consulting experience