AI Threat Researcher
Securing autonomous AI is a brand-new problem space. Prompt injection, tool abuse, data exfiltration through agents, and malicious MCP servers are real threats with no settled playbook. At Cerbera, our research defines how we detect and stop them.
As an AI Threat Researcher, you will study how AI systems get attacked and abused, then turn that knowledge into the detections and controls inside our product.
This is a frontier role. You will publish, you will break things, and you will shape how the industry thinks about AI security. If staying ahead of attackers excites you, this is the seat.
[What you will do]
- Research emerging threats against AI systems: prompt injection, tool and agent abuse, data exfiltration, and malicious MCP servers
- Build proof-of-concept attacks to understand failure modes, then design the detections that stop them
- Translate research into product: work with engineering to ship detections and controls customers rely on
- Track the AI security landscape and keep Cerbera ahead of how attackers adapt
- Publish research and contribute to the conversation that is defining AI security as a field
- Advise customers and the team on the real risks of the AI tools and agents they deploy
[What we are looking for]
- Strong security research background, whether in offensive security, detection engineering, or applied ML security
- Deep curiosity about how AI systems work and how they can be manipulated
- Ability to go from a hypothesis to a working proof of concept to a shippable detection
- Clear written communication, since sharing findings is core to the role
- Self-driven and comfortable working at the edge of a field with no established answers
[Nice to have]
- Hands-on experience with LLMs, prompt injection, or adversarial ML
- Knowledge of MCP, agentic frameworks, or the broader AI tooling ecosystem
- A track record of published research, CVEs, or conference talks
- Experience building detection content for security products
[About Cerbera]
Cerbera is the security platform for the agent era, built by Bastion. We give security and engineering teams one control plane for every AI model, MCP server, browser, and coding agent in their company.
We are a small, senior team. Our founders spent years at Palantir as Forward Deployed Engineers, and we are building Cerbera the same way: close to the customer, fast, and obsessed with the real problem. You will have real ownership and your work will ship to companies securing autonomous AI in production.
Interested in this role?
Send us your CV and a short note about why this role excites you. We would love to hear from you.