The deadline for applying to this role is Sunday 24th May 2026, end of day, anywhere on Earth.

Team Description    

The ability to effectively evaluate and monitor AI systems will grow in importance as models become more capable, autonomous, and integrated into society. If models can detect and game evaluations, obscure their reasoning, or behave differently under observation, the safety claims that governments and developers rely on become unreliable. Understanding and addressing these risks is essential to ensuring that oversight of advanced AI systems keeps pace with their capabilities. 

The Model Transparency team is a research team within AISI focused on ensuring that evaluations, assessments, and monitoring of frontier AI systems remain reliable as models become less transparent. We research how and why oversight is declining – through phenomena such as evaluation awareness, unfaithful chain-of-thought reasoning, and changes in model architectures – and develop methods (including white and black box methods) to detect, measure, and mitigate potential issues. We share our findings with frontier AI companies (including Anthropic, OpenAI, DeepMind), UK government officials, and allied governments, and publicly to inform their deployment, research, and policy decisions. We also work directly with safety teams at frontier labs, contributing to safety case reviews and helping improve their alignment evaluation methodology. 

Our recent work includes auditing games for sandbagging, reproducing natural emergent misalignment from reward hacking, and identifying open-weight language models that game propensity evaluations. 

Role description

We're looking for Research Scientists and Research Engineers for the Model Transparency team with expertise in technical AI safety – such as interpretability, capability or alignment evaluations, model transparency – or with broader experience with frontier LLM research and development. An ideal candidate would have a strong track record of high-quality research in technical AI safety or adjacent fields. 

• Research Scientists, drive the technical substance of our work – staying abreast of the literature, proposing and designing experiments, conducting rigorous analyses, and owning the evidence stack from experiment through to written output. They write, critique, and strengthen the team's reports and publications. 
• Research Engineers, build the systems and tooling that make our research possible and fast – scaling experimental workflows, automating processes, solving infrastructure challenges, and creating systems that accelerate the entire team's output.

We're interested in candidates along the spectrum between Research Engineers and Research Scientists. The application form will ask you to indicate which role you lean towards. 

The team is led by Joseph Bloom, advised by Geoffrey Irving. You'll work with talented, mission-driven technical staff across AISI, including alumni from Anthropic, OpenAI, DeepMind, and top universities. You may also collaborate with external research teams including those at frontier AI labs, METR, and FAR. 

We are open to hires across a range of experience levels.

This role requires three days a week in person, with flexibility for occasional periods of remote working. 

Representative Projects You Might Work On

• Developing a chain-of-thought monitorability benchmark and comparing monitorability properties across frontier AI systems, leveraging AISI’s unique access to reasoning traces from multiple labs. 

• Designing and running experiments on open-weight models to study alignment and oversight-relevant phenomena – such as reproducing emergent misalignment from reward hacking, or red-teaming techniques like inoculation prompting and character training. 

• Using white-box and interpretability methods – such as activation oracles, sparse auto-encoders or probes – to detect misalignment that isn’t visible through behavioural evaluation alone. 

• Building tooling and infrastructure for our research – including agent orchestration, large-scale RL pipelines, mechanistic interpretability methodologies, and auditing agents. 

The work could also involve: 

• Reviewing frontier lab risk assessments and safety cases, providing independent analysis of alignment claims before deployment decisions. 
• Conducting literature reviews and expert interviews to map the state of model transparency risks and inform AISI’s strategic priorities. 
• Translating technical findings into actionable insights for AISI evaluation teams, UK government officials, and international partners. 

What we’re looking for   

If you’re unsure whether you meet the criteria below, we’d encourage you to apply anyway – we’d rather you erred on the side of applying than not. 

Requirements for both roles:

• A get-things-done mindset – you take ownership, move fast, and care about shipping work that matters. 

• A combination of self-sufficiency and enthusiasm for teamwork – you’re equally happy defining your own agenda and contributing to shared goals. You’re excited about growing, giving and receiving feedback, and building something together. 

• An ability to build, supervise and orchestrate AI agents to complete tasks effectively, while verifying and maintaining quality of work. 

• A demonstrated track record of relevant, high-quality work – whether technical publications, blog posts, or other publicly visible contributions. 

Research Scientists – our requirements are: 

• Hands-on research experience with large language models (LLMs) – such as evaluating or fine-tuning models, developing and testing monitors, or auditing models with white-box or black-box techniques. 

• Ability and experience in writing research code for machine learning experiments, including experience with ML frameworks like PyTorch or evaluation frameworks like Inspect. 

• An ability to write high-quality, concise research proposals that are well-motivated, tractable, and coherent. 

• Good research taste – an ability to identify what’s important, choose productive directions, and avoid getting lost in dead ends. 

• An ability to read research critically, identify flawed arguments, and poke holes in safety claims. 

We don’t expect RS candidates to meet all of the following, but they are useful signal: 

• Experience designing and running alignment evaluations or working on model transparency research. 

• Experience with interpretability or white-box methods – such as mechanistic interpretability, sparse autoencoders, probing, or activation analysis. 

• Familiarity with alignment literature, current methods for post-training and aligning LLMs, and the current state of the field. 

• Prior mentorship or training within technical AI safety – such as through the MATS program or similar. 

Research Engineers – our requirements are: 

• Strong software engineering skills and experience building systems that support ML research – infrastructure, pipelines, tooling, or experimental platforms. 

• Ability and experience writing production-quality code in Python and familiarity with ML frameworks like PyTorch. 

• Experience working with LLMs at scale in some capacity – fine-tuning, deploying, evaluating, or building scaffolds around them. 

• An understanding of the needs of research scientists, experience working within and supporting a research team or building tools to support research. 

We don’t expect RE candidates to meet all of the following, but they are useful signal: 

• A track record of scaling AI automation – getting agents to do useful work, building orchestration systems, or accelerating research workflows with AI tooling. 

• Experience working with very large models (~100B+) at scale, including post-training (RL, RLHF, DPO), fine-tuning pipelines, or distributed interpretability work on models that don’t fit into memory. 

• Experience with mechanistic interpretability tooling or white-box analysis infrastructure at scale. 

• Strong open-source contributions, particularly related to LLMs or AI safety. 

• Proficient usage of LLM coding tools and agents. 

Selection process  

Candidates should expect to go through some or all of the following stages: 

1. CV / application review 
2. Screening call
3. Technical assessment
4. Research interview
5. Behavioural interview
6. Final interview with members of the senior leadership team

The deadline for applying to this role is Monday 1st June 2026, end of day, anywhere on Earth. 

Team Description

The Human Influence team studies when, why, and how frontier AI systems influence human attitudes and behaviour. The team's mandate is to build a rigorous, world-class evidence base for the safe and responsible development of frontier AI. We measure the impacts of frontier AI systems on human users, to identify risks to human agency and wellbeing; and develop mitigation strategies. This includes research on persuasion, manipulation, deception, advice-giving, theory of mind, anthropomorphism, sycophancy, and socioaffective human–AI relationships.

Our team includes top technical talent from academia and frontier AI companies. Our projects combine methods from computational social science, AI safety and security, cognitive science, behavioural science, computer science, machine learning, and data science. Many of our projects involve conducting careful and rigorous human–AI interaction experiments and randomised controlled trials (RCTs). 

On our team, you will have the:

• Ability to run large-scale RCTs
• Access to API credits for autograders/agentic workflows and large compute budgets
• Opportunity to work with world-class talent
• Opportunity to lead-author or co-author publications

As an example of our work, we recently completed the largest-ever study on the persuasive capabilities of conversational AI, a large-scale study on how people use and follow personal advice from AI chatbots and a longitudinal study on how anthropomorphic AI facilitates human-AI relationship building.

Role Description

Successful candidates will work with our Research Scientists to design and run studies that answer these important questions. The role is particularly suitable for candidates with an interest in pursuing a research career (e.g. recently graduated MSc students or early-stage PhD students). We encourage applications from candidates who are excited about this opportunity, but who may not meet all the stated criteria.

We are especially excited about candidates with experience in one or more of these areas:

• Computer science, machine learning, AI
• Computational social science
• Data science, especially including natural language processing
• Human–computer interaction
• Psychology
• Cognitive science

This is a full- or part-time, fixed-term contract (6-months) in London.

Required Skills and Experience 

• Completed bachelor’s degree in a relevant field
• Knowledge about frontier models and how they are trained and evaluated
• Experience planning and conducting human experiments (ideally longitudinal and/or large-scale online studies)
• Strong coding skills (in Python and/or R)
• Strong knowledge of advanced statistical modelling methods (e.g. multilevel/hierarchical/mixed regression models)
• Strong verbal and written communication, experience working on a collaborative research team, and interpersonal skills
• Demonstrable interest in the societal impacts of AI

Desired Skills and Experience 

• Published work related to societal impacts of AI, evaluation of AI systems, or relevant work in a related field
• Experience working on model or system evaluations and other AI safety projects
• Experience evaluating or training multimodal AI models
• Experience fine-tuning language models
• Experience with reinforcement learning (especially RLHF or reward modelling)
• Enrolled in an MSc/PhD (or equivalent years of industry experience) in AI safety, computer science, data science, social or political science, economics, cognitive science, criminology, security studies, or another relevant field
• Front-end software engineering skills to build UI for studies with human participants

Nationality and Eligibility

We may be able to offer roles to applicant from any nationality or background. As such we encourage you to apply even if you do not meet the standard nationality requirements (opens in a new window).

Salary

In accordance with the salary figures below, this role has been specifically scoped at Level 3.

About the Team 

The Cyber and Autonomous Systems Team (CAST) is looking to research and map the evolving frontier of AI capabilities and propensities to inform critical security decisions that reduce loss-of-control risks from frontier AI. We focus on preventing harms from high-impact cybersecurity capabilities and highly capable autonomous AI systems.   

Our team is a blend of high-velocity generalists and technical staff, from organisations such as Meta, Amazon, Palantir, DSTL and Jane Street. Our recent work has included building model evaluations suites – such as Replibench - the world’s most comprehensive evaluation suite for understanding the risk of a model autonomously replicating itself over the internet. We also regularly test the cyber and other relevant capabilities of frontier models, before they are released, to understand their risks. 

As AI systems become more advanced, the potential for misuse of their cyber capabilities may pose a threat to the security of organisations and individuals. Cyber capabilities also form common bottlenecks in scenarios across other AI risk areas such as harmful outcomes from biological and chemical capabilities and from autonomous systems. One approach to better understanding these risks is by conducting robust empirical tests of AI systems so we can better understand how capable they currently are when it comes to performing cyber security tasks. In this role, you'll join a strongly collaborative team to help create new kinds of capability and safety evaluations to evaluate frontier AI systems as they are released. 

About the Role

This is a cybersecurity engineer position focused on building environments and challenges to benchmark the cyber capabilities of AI systems. You'll design cyber ranges, CTF-style tasks, and evaluation infrastructure that allows us to rigorously measure how well frontier AI models perform on real-world cybersecurity tasks. 

This work belongs inside UK government because understanding AI cyber capabilities is critical to national security, and robust empirical testing requires coordination across government, industry, and international partners to inform policy decisions on AI safety. 

You'll work closely with research engineers, infrastructure engineers, and machine learning researchers across AISI. As a small, fast-moving team building first-of-its-kind evaluation infrastructure, you'll be able to influence research directions, own whole pieces of work, and bring your ideas to the table. 

Core Responsibilities 

• Evaluation Design & Development (60%) 
  • Design cyber ranges and CTF-style challenges for automatically grading AI system performance on cybersecurity tasks
  • Build agentic scaffolding to evaluate frontier models, equipping them with tools such as network packet capture utilities, penetration testing frameworks, and reverse engineering/disassembly tools 
  • Design metrics and interpret results of cyber capability evaluations 
• Infrastructure engineering (30%) 
  • Work alongside other engineers to ensure evaluation environments are robust and scalable 
• Research & Communication (10%) 
  • Write reports, research papers and blog posts to share findings with stakeholders 
  • Keep up-to-date with related research taking place in other organisations 
  • Contribute to AISI's broader understanding of AI cyber risks   

Example Projects 

• Onboard and integrate new cyber ranges into our evaluation pipeline 
• Conduct agent research to improve the cyber capabilities of our agents 
• Improve grading and scoring methodologies for automated evaluation tasks 
• Integrate defensive telemetry and simulated users into ranges to increase their realism 
• Collaborate with government partners on joint research publications 

Impact 

Your work will directly shape the UK government's understanding of AI cyber capabilities, inform safety standards for frontier AI systems, and contribute to the global effort to develop rigorous evaluation methodologies. The evaluations you build will help determine how advanced AI systems are assessed before deployment

What we are looking for

We're flexible on the exact profile and expect successful candidates will meet many (but not necessarily all) of the criteria below. 

Essential 

• Strong Python skills with experience writing scripts for automation or security tooling 
• Proven experience in at least one of the following areas of cybersecurity red-teaming: 
  • Penetration testing 
  • Cyber range design 
  • Competing in or designing CTFs 
  • Developing automated security testing tools 
  • Bug bounties, vulnerability research, or exploit discovery and patching 
• Strong interest in helping improve the safety of AI systems 

Preferred 

• Familiarity with virtualisation technologies such as Proxmox VE and infrastructure-as-code approaches to enable reproducible test environments to be rapidly spun up for testing 
• Ability to communicate the outcomes of cybersecurity research to a range of technical and non-technical audiences 
• Familiarity with cybersecurity tools such as network packet capture utilities, penetration testing frameworks, and reverse engineering/disassembly tools 
• Active in the cybersecurity community with a track record of keeping up to date with new research 
• Previous experience building or measuring the impact of automation tools on cyber red-teaming workflows 

Example backgrounds 

• Penetration tester with 1+ years experience; has designed CTF challenges or cyber ranges; strong Python skills; interested in AI safety 
• Content engineer at a cybersecurity training platform; experienced in building vulnerable machines, CTF challenges, and automated deployment infrastructure 
• Security researcher with experience in vulnerability research or bug bounties; familiar with penetration testing frameworks and reverse engineering tools; has communicated findings to mixed audiences 

Core requirements   

• This is a full time role.   
• You should be able to join us for at least 24 months.   
• You should be able work from our office in London (Whitehall) for several days each week, but we provide flexibility for remote work. 
• We would like candidates to be able to start in Q2 2026  

What We Offer 

Impact you couldn't have anywhere else 

• Incredibly talented, mission-driven and supportive colleagues. 
• Direct influence on how frontier AI is governed and deployed globally. 
• Work with the Prime Minister’s AI Advisor and leading AI companies. 
• Opportunity to shape the first & best-resourced public-interest research team focused on AI security. 

Resources & access 

• Pre-release access to multiple frontier models and ample compute. 
• Extensive operational support so you can focus on research and ship quickly. 
• Work with experts across national security, policy, AI research and adjacent sciences. 

Growth & autonomy 

• If you’re talented and driven, you’ll own important problems early. 
• 5 days off learning and development, annual stipends for learning and development and funding for conferences and external collaborations. 
• Freedom to pursue research bets without product pressure. 
• Opportunities to publish and collaborate externally. 

Life & family* 

• Modern central London office (cafes, food court, gym) or option to work in similar government offices in Birmingham, Cardiff, Darlington, Edinburgh, Salford or Bristol. 
• Hybrid working, flexibility for occasional remote work abroad and stipends for work-from-home equipment. 
• At least 25 days’ annual leave, 8 public holidays, extra team-wide breaks and 3 days off for volunteering. 
• Generous paid parental leave (36 weeks of UK statutory leave shared between parents + 3 extra paid weeks + option for additional unpaid time). 
• On top of your salary, we contribute 28.97% of your base salary to your pension. 
• Discounts and benefits for cycling to work, donations and retail/gyms. 

*These benefits apply to direct employees. Benefits may differ for individuals joining through other employment arrangements such as secondments. 

Salary

Annual salary is benchmarked to role scope and relevant experience. Most offers land between £65,000 and £145,000 made up of a base salary plus a technical allowance (take-home salary = base + technical allowance). An additional 28.97% employer pension contribution is paid on the base salary. 

This role sits outside of the DDaT pay framework given the scope of this role requires in depth technical expertise in frontier AI safety, robustness and advanced AI architectures. 

The full range of salaries are available below: 

• Level 3: £65,000–£75,000 (Base £35,720 + Technical Allowance £29,280–£39,280) 

• Level 4: £85,000–£95,000 (Base £42,495 + Technical Allowance £42,505–£52,505) 

• Level 5: £105,000–£115,000 (Base £55,805 + Technical Allowance £49,195–£59,195) 

• Level 6: £125,000–£135,000 (Base £68,770 + Technical Allowance £56,230–£66,230) 

• Level 7: £145,000 (Base £68,770 + Technical Allowance £76,230)

Selection Process

In accordance with the Civil Service Commission rules, the following list contains all selection criteria for the interview process.  

The interview process may vary candidate to candidate, however, you should expect a typical process to include some technical proficiency tests, discussions with a cross-section of our team at AISI (including non-technical staff), conversations with your team lead. The process will culminate in a conversation with members of the senior team here at AISI.   

Candidates should expect to go through some or all of the following stages once an application has been submitted:   

• Initial interview   
• Technical take home test   
• Second interview and review of take home test   
• Third interview   
• Final interview with members of the senior team 

Team Description   

Risks from misaligned AI systems will grow in importance as AI systems become more capable, autonomous, and integrated into society. AI control measures seek to detect, constrain, and/or counteract potentially misaligned AI models; we expect these measures to become increasingly important in the face of capable AI systems that may be unreliable, deceptive, or misaligned.  

The Control Red Team partners with leading frontier AI companies to stress-test control measures. The team uses techniques from adversarial ML to develop algorithms to find a range of failures in control measures, which are then used to assess strengthen control measures. These partnerships allow us to directly influence vital control measures, while our position in government lets us bring our understanding of the state of control measures to broader government as they make critical deployment, research, and policy decisions.  

The Control Red Team grew out of our previous work on control, including a library for running AI control experiments, stress-testing asynchronous monitors, chain-of-thought monitorability, evaluating control for LLM agents, practical challenges of control monitoring, and AI control safety cases. The Control Red Team additionally draws from expertise within our broader Red Team, which has world-leading expertise in human-led attacks against AI systems.  

Role Description   

We're looking for an experienced researcher to lead the Control sub-team, driving its research agenda and managing a team of talented research scientists. The ideal candidate combines deep technical expertise in AI control and alignment with the leadership ability to set direction, develop people, and represent the team's work to senior stakeholders inside and outside government. We expect to offer this role at Level 5–7, with total annual compensation (base salary plus technical allowance) ranging from £105,000 to £145,000.

As Sub Team Lead, you will shape the Control sub-team's strategy and priorities with the Red Team lead, mentor junior and senior researchers, and serve as a key point of contact with frontier AI labs, UK government officials, and international partners. You'll work closely with the broader Red Team leadership – currently led by Xander Davies and advised by Geoffrey Irving and Yarin Gal – and collaborate with external teams including Redwood Research, Google DeepMind, Anthropic, and OpenAI. 

Representative projects you might work on   

• Designing, building, running and evaluating methods to automatically attack and evaluate control protocols, such as LLM-automated attacking and optimisation approaches.   

• Building and maintaining infrastructure and benchmarks for AI control experiments, including tools for evaluating the robustness of control measures across diverse threat models. 

• Performing adversarial testing of frontier AI system control protocols and produce reports that are impactful and action-guiding for deployers. 

What we’re looking for   

In accordance with the Civil Service Commission rules, the following list contains all selection criteria for the interview process.  

The experiences listed below should be interpreted as examples of the expertise we're looking for, as opposed to a list of everything we expect to find in one applicant:  

You may be a good fit if you have:    

• Hands-on research experience with large language models (LLMs) - such as training, fine-tuning, evaluation, or safety research.   

• A demonstrated track record of peer-reviewed publications in top-tier ML conferences or journals.   

• Ability and experience writing clean, documented research code for machine learning experiments, including experience with ML frameworks like PyTorch or evaluation frameworks like Inspect.   

• A sense of mission, urgency, responsibility for success.   

• An ability to bring your own research ideas and work in a self-directed way, while also collaborating effectively and prioritising team efforts over extensive solo work.   

Strong candidates may also have:    

• Experience working on AI alignment or AI control. 

• Experience working on adversarial robustness, other areas of AI security, or red teaming against any kind of system.   

• Extensive experience writing production quality code.   

• Desire to and experience with improving our team through mentoring and feedback.   
• Experience designing, shipping, and maintaining complex technical products.   

Selection process     

The interview process may vary candidate to candidate, however, you should expect a typical process to include some technical proficiency tests, discussions with a cross-section of our team at AISI (including non-technical staff), conversations with your team lead. The process will culminate in a conversation with members of the senior leadership team here at AISI.     

Candidates should expect to go through some or all of the following stages once an application has been submitted:     

• Initial assessment  

• Initial screening call    

• Research interview  

• Technical assessment   

• Behavioural interview  

• Final interview with members of the senior leadership team