Jobs Companies Trail of Bits Senior Security Engineer, Agentic AI

About this Senior Security Engineer, Agentic AI role at Trail of Bits

Trail of Bits · United States

Who We Are

Founded in 2012 by 3 expert hackers with no investment capital, Trail of Bits is the premier place for security experts to boldly advance security and address technology’s newest and most challenging risks. It has helped secure some of the world's most targeted organizations and devices. Our combination of novel research with practical solutions reduces the security risks that our clients face from emerging technologies. Our work helps drive the security industry and the public understanding of the technology underlying our world.

Cybersecurity preparedness is a moving target. Companies like ours are the tip of the spear in the fight against attackers. Our research-based and custom-engineering approach ensures that our client’s capabilities are at the forefront of what’s available. For companies and technologies that live and die by their security, a proactive, tailored approach is required to keep one step ahead of attackers.

Democratizing security information is essential. As part of our business, we provide ongoing informational support through blogs, whitepapers, newsletters, meetups, and open-source tools. The more the community understands security, the more they’ll understand why a company like ours is so unique and valuable.

Role

Trail of Bits seeks a Senior Security Engineer specializing in Agentic AI Security for our Software Assurance team. You will discover and exploit novel vulnerabilities in agentic AI systems — finding the breaks before your clients do. You'll develop sophisticated prompt injection attacks, test agent orchestration weaknesses, and identify real-world failure modes in LLM tool use, training data pipelines, and guardrail mechanisms. You will identify and analyze novel attack vectors specific to AI and agentic environments, focusing on real-world failure modes, system integration issues, and unauthorized access vectors. This role allows you to apply application security expertise and adversarial thinking to the latest agentic systems and business integrations.

In addition to performing technical assessments, you will develop threat models for agentic AI systems, contribute to risk frameworks for generative AI deployment, and deliver specialized training to clients on novel exploitation techniques in agentic AI security.

What You'll Achieve

  • Agentic AI Security Assessments - Conduct comprehensive application security assessments of agentic AI pipelines, tools, and frameworks for leading companies and labs. Examine vulnerabilities in model architectures, guardrails, and deployment infrastructure while developing mitigation strategies.
  • Prompt Injection Research & Development - Develop and share novel prompt injection techniques targeting agentic workflows, including indirect injection via tool outputs, multi-turn manipulation, and cross-agent exploitation. Produce actionable attack libraries and defensive countermeasures for client engagements.
  • Application Security Assessment - Conduct security assessments of client code bases using a combination of static analysis, dynamic testing, and manual code review, identifying vulnerabilities and developing mitigation strategies, with a focus on findings at the intersection of application security and Agentic AI security.
  • Threat Modeling - Conduct threat modeling and risk assessments to proactively identify potential risks for clients and develop mitigation strategies for future prevention, with particular attention to prompt injection attack surfaces in agentic orchestration layers.
  • Client Engagement - Work with leading industry teams to review system code and architecture, and help assure their products through system analysis and modeling.
  • AI Policy & Compliance Initiatives - Develop and contribute to AI regulatory frameworks, establishing assurance methods and auditing processes for mission-critical AI applications while ensuring alignment with emerging industry standards and safety requirements.

What You'll Bring

  • AI Security Expertise - Demonstrated interest and experience in agentic AI security, with demonstrated ability to identify and mitigate AI-specific vulnerabilities across complex systems, including hands-on experience with prompt injection attacks and defenses.
  • Technical AI Knowledge -  Deep understanding of AI/ML architectures, frameworks (PyTorch, JAX, LangChain, RAG systems, etc.), and MLOps practices, combined with robust security engineering expertise.
  • Application Security Skills - Track record of conducting technical security assessments of software, including software and system hardening, security policy analysis, and implementing effective security measures.
  • Prompt Injection Proficiency - Practical experience designing and executing prompt injection workflows against production LLM systems, agentic pipelines, and tool-use environments, including familiarity with emerging taxonomies and mitigation approaches.
  • Programming Proficiency - Strong knowledge of multiple programming languages such as Rust, Go, Kotlin, Swift, Objective-C, JavaScript/TypeScript, Python, Ruby, C and/or C++ for both security analysis and tool development.
  • Adverserial Mindset - A creative and adversarial mindset, with a passion for discovering novel attack vectors and understanding how systems work across many layers of abstraction.
  • Communication Skills - Ability to effectively communicate complex security concepts to diverse stakeholders and deliver clear, actionable recommendations.

The base salary for this full-time position ranges from $100,000 to $220,000 excluding benefits and potential bonuses. Various factors influence our salary ranges, including the specific role, level of seniority, geographic location, and the nature of the employment contract. An individual's specific work location, unique skills, experience, and relevant educational background will determine the final offer within this range. The presented salary range encompasses the starting salaries for all U.S. locations. For a precise salary estimate tailored to your preferred location, please discuss it with your recruiter during the hiring process.

Trail of Bits, Inc. participates in E-Verify, the US federal electronic employment eligibility verification program. Learn more

Only applications completed via our Careers page will be considered for further review.

When you apply, you'll be added to our newsletter so you can stay updated on company news and opportunities. You can opt out anytime.

Benefits

Benefits, Perks & Wellness

Trail of Bits is our people, not a place. With over 100+ employees working from every time zone across the globe, our remote-first culture is built on autonomy and trust (and backed by smile-worthy benefits) for full-time employees:

Empowered Living:

  • Competitive salary complemented by performance-based bonuses.
  • Fully company-paid insurance packages, including health, dental, vision, disability, and life.
  • A solid 401(k) plan with a 5% match of your base salary.
  • 20 days of paid vacation with flexibility for more, adhering to jurisdictional regulations.

Nurturing New Beginnings:

  • 4 months of parental leave to cherish the arrival of new family members.
  • Our team is global and remote-first. However, if you are interested in moving to NYC, we offer $10,000 in relocation assistance to support your transition.

Work & Life Enrichment:

  • $1,000 Working-from-Home stipend to create a comfortable and productive home office.
  • Annual $750 Learning & Development stipend for continuous personal and professional growth.
  • Company-sponsored all-team celebrations, including travel and accommodation, to foster community and recognize achievements.

Community Impact:

  • Philanthropic contribution matching up to $2,000 annually.
Ready to apply to Trail of Bits?
Apply to Trail of Bits

How this Security Engineer salary compares

This role pays $160,000/yrbelow the typical range for Security Engineer roles.

$142,200 median $198,000 $270,563

Typical range $163,222–$239,700/yr, from 238 comparable Security Engineer listings on JobsRadar (pay annualized to USD). See Security Engineer salary insights →

About Trail of Bits

Since 2012, Trail of Bits has helped secure some of the world's most targeted organizations and devices. We combine high-end security research with a real-world attacker mentality to reduce risk and fortify code.

We help our clientele — ranging from Facebook to DARPA — lead their industries. Their dedicated security teams come to us for our foundational tools and deep expertise in reverse engineering, cryptography, virtualization, malware, and software exploits. According to their needs, we may audit their products or networks, consult on modifications necessary for a secure deployment, or develop the features that close their security gaps.

After solving the problem at hand, we continue to refine our work in service to the deeper issues. The knowledge we gain from each engagement and research project further hones our tools and processes, and extends our software engineers' abilities. We believe the most meaningful security gains hide at the intersection of human intellect and computational power.

See all jobs at Trail of Bits →

Similar jobs

Verisign
Senior InfoSec Tools Engineer
Verisign
⚡ Apply early Reston,Virginia,United States Hybrid $135,800–$183,800
● New 👁 Seen ✓ Applied 3h ago
Anduril Industries
Security Software Engineer - Endpoint Security
Anduril Industries
⚡ Apply early Boston, Massachusetts, United... Onsite $166,000–$253,000
● New 👁 Seen ✓ Applied 18h ago
Anduril Industries
Security Software Engineer - Endpoint Security
Anduril Industries
⚡ Apply early Costa Mesa, California, United... Onsite $166,000–$253,000
● New 👁 Seen ✓ Applied 18h ago
Anduril Industries
Security Software Engineer - Endpoint Security
Anduril Industries
⚡ Apply early Atlanta, Georgia, United State... Onsite $126,000–$191,000
● New 👁 Seen ✓ Applied 18h ago
Skydio
Software Engineer - Security
Skydio
⚡ Apply early San Mateo, California, United... Hybrid $160,000–$210,000
● New 👁 Seen ✓ Applied 2d ago
Block
Principal Security Engineer
Block
⚡ Apply early Bay Area, CA, United States of... Onsite $319,000–$478,600
● New 👁 Seen ✓ Applied 2d ago
Block
Senior Security Engineer, Platform Security
Block
⚡ Apply early Bay Area, CA, United States of... Onsite $217,800–$326,800
● New 👁 Seen ✓ Applied 2d ago
Block
Senior Security Engineer, Security Engineering & Operations
Block
⚡ Apply early Bay Area, CA, United States of... Onsite $180,000–$270,000
● New 👁 Seen ✓ Applied 2d ago
SciTec
Senior Cybersecurity Engineer
SciTec
⚡ Apply early Boulder, Colorado, United Stat... Onsite $124,000–$158,000
● New 👁 Seen ✓ Applied 3d ago

Sign up for suggestions tailored to the jobs you open and the searches you save.

Apply now
🤖

Whoa — hold up

JobsRadar was built for real people having a rough time in their job search — not for automated requests. You're clicking way too fast and you're now temporarily blocked.

Come back later. If you're genuinely job hunting, we've got your back — just act like a human.

Catch your next role the second it’s posted.

Create a free account and we’ll watch the boards for you — the instant a job matches your search, it lands in your inbox or Telegram. No digging, no refreshing.

Create free account

Free forever · takes 30 seconds · already have one?

Get an edge on your job hunt.

Join our Telegram channel for the stuff that helps you land the role — salary benchmarks, the weekly market pulse, and new-feature drops. No spam, just signal.

Join the channel — it's free