AI Offensive Security Engineer

At eBay, we're more than a global ecommerce leader — we’re changing the way the world shops and sells. Our platform empowers millions of buyers and sellers in more than 190 markets around the world. We’re committed to pushing boundaries and leaving our mark as we reinvent the future of ecommerce for enthusiasts.

Our customers are our compass, authenticity thrives, bold ideas are welcome, and everyone can bring their unique selves to work — every day. We're in this together, sustaining the future of our customers, our company, and our planet.

Join a team of passionate thinkers, innovators, and dreamers — and help us connect people and build communities to create economic opportunity for all.

Role Overview

eBay seeks an AI Offensive Security Engineer to proactively identify and exploit vulnerabilities in AI/ML systems before adversaries do. This is a hands-on technical role focused on offensive research, adversarial attack simulation, and building the tools and automation that scale our AI security testing program. If you're an experienced offensive security engineer ready to apply your skills to one of the fastest-growing attack surfaces in the industry, this role is for you.

Key Responsibilities

• Offensive AI Research: Design and execute adversarial attacks against production AI/ML systems — including prompt injection and traditional vulnerabilities

• Red Team Operations: Lead AI-focused red team engagements: threat model targets, develop attack chains, execute, and deliver actionable findings

• Tool Development: Build, maintain, and document offensive security tooling for AI system testing — attack harnesses, fuzzing frameworks, automated vulnerability scanners, and agentic attack simulations

• Vulnerability Research: Discover novel attack techniques against LLMs, multimodal models, agentic pipelines, and AI-integrated applications; contribute findings to the broader security community

• Exploit Development: Develop proof-of-concept exploits for discovered vulnerabilities and work with engineering teams on remediation validation

• Automation & Scale: Integrate offensive testing into pipelines and security review workflows so AI red teaming is continuous, not point-in-time

• Knowledge Transfer: Document TTPs, author internal playbooks, and mentor other team members on AI attack techniques

Required Qualifications

• 5+ years in offensive security, penetration testing, or red teaming

• Strong software engineering skills — you write production-quality tools, not just scripts (Python required; Java, or JavaScript a plus)

• Background in traditional appsec/web pentesting (Burp Suite, fuzzing, auth bypass) — many AI vulnerabilities are classic vulns in new wrappers

• Cloud security experience across AWS, GCP, or Azure — including container/Kubernetes environments and cloud-hosted AI services

• Ability to independently scope, execute, and report on offensive engagements

• Strong written communication — clear, technically precise findings reports

Preferred Qualifications

• Hands-on experience attacking LLMs/GenAI systems, ML pipelines, APIs, or cloud-hosted AI services

• Knowledge of common failure modes of AI agents and LLMs, risks and exploitation techniques

• Experience with agentic AI frameworks, technologies and their attack surfaces

• Familiarity with MLOps tooling, model serving infrastructure, and vector databases

Hiring Manager Ideal Qualities

• Builder Mentality — You default to automating and tooling your work, not doing it manually twice

• Curiosity & Depth — You dig until you find the root cause; you're not satisfied with surface-level findings

• Independent Operator — You can own a full engagement from scoping through remediation without heavy oversight

• Adaptability — The AI attack surface changes weekly; you stay current and evolve your techniques accordingly

• Collaborative — Offensive results matter only if they drive fixes; you work closely with defenders and engineers to close gaps

Additional Details

The base pay range for this position is expected in the range below:

Base pay offered may vary depending on multiple individualized factors, including location, skills, and experience. The total compensation package for this position may also include other elements, including a target bonus and restricted stock units (as applicable) in addition to a full range of medical, financial, and/or other benefits (including 401(k) eligibility and various paid time off benefits, such as PTO and parental leave). Details of participation in these benefit plans will be provided if an employee receives an offer of employment.

If hired, employees will be in an “at-will position” and the Company reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, Company or individual department/team performance, and market factors.

Remote roles are not eligible for U.S. visa sponsorship.

eBay is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, sex, sexual orientation, gender identity, veteran status, and disability, or other legally protected status. If you have a need that requires accommodation, please contact us at [email protected]. We will make every effort to respond to your request for accommodation as soon as possible. View our accessibility statement to learn more about eBay's commitment to ensuring digital accessibility for people with disabilities. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

We use cookies to enhance your experience and may use AI tools for administrative tasks in the hiring process. To learn how we handle your personal data and use AI responsibly, please visit our Talent Privacy Notice, Privacy Center and AI Hiring Guidelines.