About this AI Cybersecurity Engineer (Offensive Security & Threat Modeling) role at Xenon7
About Us:
Where elite tech talent meets world-class opportunities!
At Xenon7, we work with leading enterprises and innovative startups on exciting, cutting-edge projects that leverage the latest technologies across various domains of IT including Data, Web, Infrastructure, AI, and many others. Our expertise in IT solutions development and on-demand resources allows us to partner with clients on transformative initiatives, driving innovation and business growth. Whether it's empowering global organizations or collaborating with trailblazing startups, we are committed to delivering advanced, impactful solutions that meet today’s most complex challenges.
About the Client:
Join one of Egypt’s premier financial institutions, renowned for its extensive suite of banking services, including Institutional Banking, Personal Banking, and Islamic Banking. With a global presence through over 50 branches and correspondents, we serve a diverse and dynamic clientele. As we embark on a groundbreaking digital transformation journey, we are committed to leveraging the latest technologies to establish a state-of-the-art data architecture that will redefine our performance and service delivery.
About the Role
As a leading financial institution in Egypt, we are heavily investing in localized AI and Machine Learning capabilities to drive innovation while maintaining total data sovereignty. Our Cybersecurity Department is looking for a highly skilled AI Cybersecurity Engineer with a deeply offensive mindset.
Operating entirely within our secure, high-performance on-premises infrastructure, you will act as an internal adversary. Your mission is to proactively threat model, simulate advanced cyberattacks (Red Teaming), and manage algorithmic risks to detect and neutralize vulnerabilities in our AI systems before they can be exploited.
Key Responsibilities
- Predictive AI Threat Modeling: Lead advanced threat-modeling exercises across the bank’s localized AI/ML pipelines, data repositories, and training environments. Anticipate sophisticated attacker behaviors to design preemptive security guardrails before models are moved to production.
- AI Red Teaming & Offensive Simulations: Conduct targeted offensive operations and ethical hacking against our on-premises AI infrastructure. Simulate real-world adversarial attacks, including data poisoning, model inversion, membership inference, evasion attacks, and prompt injection.
- Framework Mapping with MITRE ATLAS: Implement and operationalize the MITRE ATLAS (Adversarial Threat Landscape for Artificial-Intelligence Systems) framework. Map identified vulnerabilities to ATLAS tactics and techniques to build a robust, AI-specific defensive matrix aligned with traditional MITRE ATT&CK.
- On-Premises Infrastructure Hardening: Assess and secure the physical and virtual infrastructure hosting our AI workloads, including bare-metal GPU clusters, local containerized environments (Kubernetes/OpenShift), and private data registries, ensuring strict isolation from external threats.
- Proactive Risk Management & Early Detection: Collaborate with the SOC and data engineering teams to build predictive detection use-cases and custom alerts. Identify the early warning signs of an AI-targeted attack or data exfiltration attempt before malicious actors can compromise model integrity.
Requirements
- Professional Experience: 5+ years of dedicated experience in Offensive Security, Red Teaming, or Advanced Penetration Testing, with a proven pivot and at least 2 years of hands-on experience securing or attacking AI/ML workloads.
- Banking Sector Experience (Mandatory): Prior experience working within a regulated financial institution in Egypt. You must understand the security constraints, compliance mandates, and audit rigor required by the Central Bank of Egypt (CBE) for on-premises operations.
- Deep Mastery of AI Attack Frameworks: Expert-level knowledge of MITRE ATLAS and the OWASP Top 10 for Large Language Models (LLMs). You must have a proven track record of translating these theoretical frameworks into practical, automated offensive playbooks.
- On-Prem & Core Technical Skills: * Strong proficiency in Python or bash scripting to build custom exploit or testing tools.
- Deep understanding of on-premises infrastructure components (Linux administration, private networking, storage area networks).
- Direct experience with container security (Docker, Kubernetes) and secure MLOps pipelines.
- Education & Certifications: * Bachelor’s degree in Computer Science, Cybersecurity, Computer Engineering, or a strictly related field.
- Highly valued offensive certifications: OSCP, OSCE, CRTP, or GPEN, alongside any specialized AI/ML security credentials.
- Mindset & Communication: A relentlessly curious, adversarial mindset balanced with strong risk management disciplines. The ability to clearly articulate complex, highly technical AI vulnerabilities into actionable remediation plans for data scientists and senior banking executives. Fluency in English.
Benefits
- Attractive, market-leading salary package
- Clear career advancement path with professional development opportunities