Perplexity

Now hiring

Member of Technical Staff (Offensive Security Engineer) @ Perplexity

San Francisco / Remote (United States) / London / Serbia / New York CityRemoteFull-timePosted 92 days ago

Opens on the employer's site

About this role

Perplexity is seeking a highly skilled, experienced and hands-on Offensive Security Engineer to join our dynamic security team, taking an adversarial approach to hardening Perplexity's infrastructure, applications, and AI systems. You'll plan and execute red team operations, penetration tests, and attack simulations across our cloud infrastructure, web and mobile applications, AI/ML pipeline, and corporate environment—finding real vulnerabilities before adversaries do and working directly with engineering teams to drive remediation.

Responsibilities

Plan and execute red team and purple team engagements simulating advanced threat actors across cloud infrastructure (AWS, Kubernetes), endpoints, and application surfaces

Conduct continuous penetration testing of web applications, APIs, mobile clients, browser extensions, cloud infrastructure, and internal services

Assess AI/ML-specific attack surfaces including prompt injection, model exfiltration, agent abuse, tool-use exploitation, and MCP security boundaries

Develop and maintain custom offensive tooling, exploits, and automation to improve the efficiency and coverage of security testing

Perform open-scope adversary simulations that test detection and response capabilities end to end, collaborating closely with the defensive security team

Drive threat modeling sessions with engineering teams to identify and prioritize attack vectors in new features and architectures

Deliver clear, actionable findings to both technical and executive audiences; partner with engineering to validate remediations

Contribute to the security of CI/CD pipelines, supply chain integrity, and secrets management through offensive assessment

Stay current on emerging attack techniques, vulnerability research, and adversary tradecraft; bring external perspective into Perplexity's security strategy

Qualifications

5+ years of hands-on experience in offensive security, red teaming, or penetration testing

Deep technical expertise in at least two of: cloud security (AWS/GCP/Azure), web/API application security, Kubernetes and container security, macOS/Linux endpoint security, network penetration testing, or CI/CD pipeline security

Track record of discovering impactful vulnerabilities or developing novel attack techniques in production environments

Strong programming and scripting skills in Python, Go, or similar languages; comfortable writing custom tooling and exploits

Experience with industry-standard offensive tools (Burp Suite, Cobalt Strike / Sliver / Mythic, Metasploit, BloodHound, nuclei, etc.) and ability to operate beyond them

Excellent written and verbal communication; able to translate complex technical findings into clear risk narratives

Experience assessing AI/ML systems, LLM applications, or agentic workflows for security vulnerabilities

Bonus: Published security research, conference talks (DEF CON, Black Hat, BSides), CVE credits, or meaningful bug bounty contributions

Skills

Security

Ready to apply?

Install the ResuMinder extension and we'll auto-fill the application in seconds — no rewriting.

Get the extension →
See how your CV scores — free