Lead Offensive AI Security

Are you passionate about applying the latest advances in offensive security and DevSecOps to real-world challenges? At Plain Security Studios, we’re reshaping how organizations test, secure, and evolve their cyber defense strategies using AI. As Lead Defensive AI Security, you’ll lead the transformation of red teaming, adversarial testing, and secure development practices for next-generation environments — from LLM applications to CI/CD pipelines.

You will report directly to the VP of Plain Security and lead a growing team of specialists focused on Offensive AI and DevSecAIOps. Your role will be both strategic and hands-on: helping clients build safer AI systems, improving their ability to prevent and detect threats, and embedding security directly into their engineering workflows. If you’ve been part of the red team, the blue team, or built both sides into one, this is your chance to define what modern defensive security looks like in the age of AI.

Key Responsibilities

• Offensive AI Strategy & Delivery: Lead the design and execution of AI-augmented red and purple team operations. Simulate real-world attacks to uncover risks in LLM-based applications, AI pipelines, and modern cloud environments.
• Adversarial Testing of AI Systems: Develop and apply methodologies to assess prompt injection, data leakage, insecure agents, and other vulnerabilities in AI-driven software. Bring an attacker’s mindset to our clients’ most advanced systems.
• DevSecOps & Automation: Help clients integrate security into the development lifecycle. Lead secure-by-design initiatives, threat modeling, and build automated security checks into CI/CD environments using modern tooling (Azure, GitHub, etc.).
• Client Advisory & Innovation Enablement: Partner with product, AI, and engineering teams to improve their security posture without slowing down innovation. Translate red team insights into actionable improvements for developers, architects, and CISOs.
• Tooling & Reusability: Build automation, scripts, and AI-based security tools to accelerate assessments. Leverage LLMs or security copilots to scale red team insights across environments and clients.
• Evangelism & Enablement: Create internal frameworks, methodologies, and reusable templates for offensive assessments. Share best practices across the studio and help less experienced teams apply offensive techniques.
• Knowledge Sharing: Keep your team and clients up to date on threat actor TTPs, novel attack chains, and defense strategies. Identify opportunities to evolve legacy assessments into modern, AI-aware techniques.
• Strategic Mentorship: Grow and guide a cross-disciplinary team of consultants. Foster a culture of curiosity, excellence, and continuous learning.

Requirements

• Technical Background: Bachelor’s or Master’s in Computer Science, Cybersecurity, Engineering, or related field.
• Cybersecurity Experience: At least 7 years in offensive or adversarial security (red teaming, pentesting, exploit development), including 3+ years leading technical teams or high-impact assessments.
• AI-Aware Security Mindset: Deep interest or hands-on experience in securing AI/LLM systems — including prompt injection, agent manipulation, adversarial inputs, and dynamic UI risks.
• Cloud & DevSecOps Knowledge: Proficiency in secure CI/CD practices, infrastructure-as-code, and cloud-native security (Azure preferred). Experience implementing security automation in pipelines.
• Programming & Scripting: Strong scripting/coding skills (e.g. Python, PowerShell) to build tools and automate testing. Familiarity with fuzzing, static analysis, or LLM-based automation is a plus.
• Security Tooling: Experience with common offensive security tools (e.g. Burp, Nmap, BloodHound, Metasploit), and optionally deeper tools like IDA/Ghidra, fuzzers, or threat emulators.
• Client Engagement & Communication: Ability to clearly present technical findings and risk models to technical and non-technical stakeholders, including senior leadership. Strong writing and storytelling skills.
• Strategic Vision: Capacity to look beyond immediate findings and advise clients on long-term defense improvements and architectural design.
• Language: Fluent English (B2 minimum). Spanish is a plus. Certifications (OSCP, CRTO, GIAC, etc.) are valued but not mandatory.

Benefits

• Salary determined by the market and your experience 🤑

• Flexible schedule 35 Hours / Week 😎
• Fully remote work (optional) 🌍
• Flexible compensation (restaurant, transport, and childcare) ✌
• Fully free health insurance, with a co-payment for dental services 🚑
• Individual budget for training or equipment and free Microsoft certifications 📚
• English lessons 🗽
• Birthday day off 🌴🥳
• Monthly bonus for electricity and Internet expenses at home 💻
• Discount on gym plan and sports activities 🔝
• Plain Camp (annual team-building event) 🎪
• Extra perks: events attendance and speakers, welcome pack, baby basket, Christmas basket, discount portal for employees ➕ The pleasure of always working with the latest technological tools!

Will you let us know you better?

The selection process: Simple, just 3 steps.

• Phone screen
• 2 interviews with the team 🤘

What is Plain Concepts?

Plain Concepts is a global company of over 500 people passionate about technology and innovation. Since our founding, we have grown through technical proficiency and confidence in ideas that others might consider risky, creating custom solutions for our clients. With offices in more than 6 countries, our mission is to continue to drive cuttingedge projects around the world.

We are highly committed to technical excellence. We are known for developing highly customized projects, offering specialized technical consultancy and training.

Thanks to the great work of our technicians, we have been recognized for our ability to lead innovative projects that generate value, from artificial intelligence to blockchain, driving solutions that help companies optimize their performance.

What we do at Plain Concepts?

We pride ourselves on being a 100% technical team, dedicated to crafting custom projects from scratch, offering expert technical consultancy, and providing top-tier training.

• Our approach goes beyond traditional outsourcing; we focus on creating value together with our clients.
• Our teams are diverse and multidisciplinary, operating in a flat, collaborative structure.
• We live and breathe AGILE principles, ensuring flexibility and efficiency in everything we do.
• Knowledge-sharing is at our core: from supporting each other internally to contributing to the broader tech community through conferences, events, and talks.
• Innovation drives us — even the boldest ideas are welcome here.
• Transparency underpins all our relationships, fostering trust and long-term partnerships.

Want to learn more?

Check out our website! ➡ https://www.plainconcepts.com/

At Plain Concepts, we certainly seek to provide equal opportunities. We want diverse applicants regardless of race, colour, gender, religion, national origin, citizenship, disability, age, sexual orientation, or any other characteristic protected by law.