Track and operationalize the rapidly evolving AI threat landscape - OWASP LLM Top 10, MITRE ATLAS, emerging attack research on agentic systems - translating external research into internal red team ...
Track and operationalize the rapidly evolving AI threat landscape - OWASP LLM Top 10, MITRE ATLAS, emerging attack research on agentic systems - translating external research into internal red team ...
Manager, Cybersecurity Strategy and Risk
Austin, TX · On-site
$108K - $147K/yr
Manager, Red Team: Product Security Engineering About SailPoint SailPoint is the leader in identity ... You know OWASP Top 10 for LLM Applications, MITRE ATLAS, and NIST AI RMF as applied to offensive ...
Manager, Cybersecurity Strategy and Risk
Austin, TX · On-site
$108K - $147K/yr
Manager, Red Team: Product Security Engineering About SailPoint SailPoint is the leader in identity ... You know OWASP Top 10 for LLM Applications, MITRE ATLAS, and NIST AI RMF as applied to offensive ...
Manager, Cybersecurity Strategy and Risk
Austin, TX · On-site
$110K - $148K/yr
Manager, Red Team: Product Security Engineering SailPoint is the leader in identity security for ... Atlas Platform, using frontier AI as a force multiplier, not a novelty. A typical day: reviewing ...
Manager, Cybersecurity Strategy and Risk
Austin, TX · On-site
$110K - $148K/yr
Manager, Red Team: Product Security Engineering SailPoint is the leader in identity security for ... Atlas Platform, using frontier AI as a force multiplier, not a novelty. A typical day: reviewing ...
Manager, Cybersecurity Strategy and Risk
Charleston, WV · On-site
$102K - $138K/yr
Manager, Red Team: Product Security Engineering About SailPoint SailPoint is the leader in identity ... You know OWASP Top 10 for LLM Applications, MITRE ATLAS, and NIST AI RMF as applied to offensive ...
Manager, Cybersecurity Strategy and Risk
Charleston, WV · On-site
$102K - $138K/yr
Manager, Red Team: Product Security Engineering About SailPoint SailPoint is the leader in identity ... You know OWASP Top 10 for LLM Applications, MITRE ATLAS, and NIST AI RMF as applied to offensive ...
AI red teaming, AI T&E, adversarial AI, AI-enhanced cybersecurity, AI strategy and governance * Experience generating or analyzing intelligence reporting data * Familiarity with MITRE ATLAS threat ...
AI red teaming, AI T&E, adversarial AI, AI-enhanced cybersecurity, AI strategy and governance * Experience generating or analyzing intelligence reporting data * Familiarity with MITRE ATLAS threat ...
Vehicle Equipment Technician
Fort Knox, KY · On-site
$31.59/hr
... M4Ks, Atlas M270s, Dozers (D7G), graders, Heavy Duty Agricultural Equipment, compressors, air ... Red River Science & Technology, LLC is an Equal Opportunity/Affirmative Action Employer. All ...
Quick apply
Vehicle Equipment Technician
Fort Knox, KY · On-site
$31.59/hr
... M4Ks, Atlas M270s, Dozers (D7G), graders, Heavy Duty Agricultural Equipment, compressors, air ... Red River Science & Technology, LLC is an Equal Opportunity/Affirmative Action Employer. All ...
Senior AI Security Engineer with Security Clearance
Fairfax, VA · On-site
$117K - $160K/yr
Utilize and enhance MITRE ATLAS framework for assessing threats to AI-enabled systems * Contribute ... AI red teaming, AI T&E, adversarial AI, AI-enhanced cybersecurity, AI strategy and governance
Senior AI Security Engineer with Security Clearance
Fairfax, VA · On-site
$117K - $160K/yr
Utilize and enhance MITRE ATLAS framework for assessing threats to AI-enabled systems * Contribute ... AI red teaming, AI T&E, adversarial AI, AI-enhanced cybersecurity, AI strategy and governance
AI red teaming, AI T&E, adversarial AI, AI-enhanced cybersecurity, AI strategy and governance * Experience generating or analyzing intelligence reporting data * Familiarity with MITRE ATLAS threat ...
AI red teaming, AI T&E, adversarial AI, AI-enhanced cybersecurity, AI strategy and governance * Experience generating or analyzing intelligence reporting data * Familiarity with MITRE ATLAS threat ...
Utilize and enhance MITRE ATLAS framework for assessing threats to AI-enabled systems * Provide ... AI red teaming, AI T&E, adversarial AI, AI-enhanced cybersecurity, AI strategy and governance
Utilize and enhance MITRE ATLAS framework for assessing threats to AI-enabled systems * Provide ... AI red teaming, AI T&E, adversarial AI, AI-enhanced cybersecurity, AI strategy and governance
Technical Support Engineer
Birmingham, AL · On-site
Avancir, based in Birmingham, AL, is proud to be part of the Atlas RFID family, a trusted name in ... Experience with Node-RED, FlowFuse, or other low-code platforms. * Knowledge of PostgreSQL, or ...
Technical Support Engineer
Birmingham, AL · On-site
Avancir, based in Birmingham, AL, is proud to be part of the Atlas RFID family, a trusted name in ... Experience with Node-RED, FlowFuse, or other low-code platforms. * Knowledge of PostgreSQL, or ...
Track and operationalize the rapidly evolving AI threat landscape - OWASP LLM Top 10, MITRE ATLAS, emerging attack research on agentic systems - translating external research into internal red team ...
Track and operationalize the rapidly evolving AI threat landscape - OWASP LLM Top 10, MITRE ATLAS, emerging attack research on agentic systems - translating external research into internal red team ...
Jimmy John's Sandwich General Manager
Pittsburgh, PA · On-site
$41K - $50K/yr
Providing red carpet treatment for our customers and consistently upholding the Jimmy John ... Must be able to work in a standing position for long periods of time Atlas Culture Requirements
Quick apply
Jimmy John's Sandwich General Manager
Pittsburgh, PA · On-site
$41K - $50K/yr
Providing red carpet treatment for our customers and consistently upholding the Jimmy John ... Must be able to work in a standing position for long periods of time Atlas Culture Requirements
Controls Technician
North Vernon, IN · On-site
$25 - $32.75/hr
Provincial Certification Red Seal 309A or 442A would help * 3-5 years of experience in a similar ... Trouble shoot equipment consisting of torque controllers (ATLAS COPCO), robotics and programmable ...
Controls Technician
North Vernon, IN · On-site
$25 - $32.75/hr
Provincial Certification Red Seal 309A or 442A would help * 3-5 years of experience in a similar ... Trouble shoot equipment consisting of torque controllers (ATLAS COPCO), robotics and programmable ...
AI/LLM Safety Engineer
Overland Park, KS · On-site +1
LLM Safety Evaluation & Red Teaming * Design and maintain a safety evaluation framework-adversarial ... Practical experience with threat-modeling methodologies such as MITRE ATLAS and STRIDE/PASTA. About ...
AI/LLM Safety Engineer
Overland Park, KS · On-site +1
LLM Safety Evaluation & Red Teaming * Design and maintain a safety evaluation framework-adversarial ... Practical experience with threat-modeling methodologies such as MITRE ATLAS and STRIDE/PASTA. About ...
LLM Safety Evaluation & Red Teaming * Design and maintain a safety evaluation framework-adversarial ... Practical experience with threat-modeling methodologies such as MITRE ATLAS and STRIDE/PASTA. About ...
LLM Safety Evaluation & Red Teaming * Design and maintain a safety evaluation framework-adversarial ... Practical experience with threat-modeling methodologies such as MITRE ATLAS and STRIDE/PASTA. About ...
AI/LLM Safety Engineer
Leawood, KS · On-site
LLM Safety Evaluation & Red Teaming * Design and maintain a safety evaluation framework ... Practical experience with threat-modeling methodologies such as MITRE ATLAS and STRIDE/PASTA. About ...
Quick apply
AI/LLM Safety Engineer
Leawood, KS · On-site
LLM Safety Evaluation & Red Teaming * Design and maintain a safety evaluation framework ... Practical experience with threat-modeling methodologies such as MITRE ATLAS and STRIDE/PASTA. About ...
... ATLAS, and NIST AI RMF to drive remediation through engineering teams. * Defines and ... Builds and scales AI Security Testing & Red Teaming workflows by creating repeatable adversarial ...
... ATLAS, and NIST AI RMF to drive remediation through engineering teams. * Defines and ... Builds and scales AI Security Testing & Red Teaming workflows by creating repeatable adversarial ...
Hands-on AI red-teaming experience covering prompt injection (direct and indirect), jailbreaking ... LLMs and MITRE ATLAS expected. * Hands-on penetration testing experience across network ...
Hands-on AI red-teaming experience covering prompt injection (direct and indirect), jailbreaking ... LLMs and MITRE ATLAS expected. * Hands-on penetration testing experience across network ...
Hands-on AI red-teaming experience covering prompt injection (direct and indirect), jailbreaking ... LLMs and MITRE ATLAS expected. * Hands-on penetration testing experience across network ...
Hands-on AI red-teaming experience covering prompt injection (direct and indirect), jailbreaking ... LLMs and MITRE ATLAS expected. * Hands-on penetration testing experience across network ...
Hands-on AI red-teaming experience covering prompt injection (direct and indirect), jailbreaking ... LLMs and MITRE ATLAS expected. * Hands-on penetration testing experience across network ...
Hands-on AI red-teaming experience covering prompt injection (direct and indirect), jailbreaking ... LLMs and MITRE ATLAS expected. * Hands-on penetration testing experience across network ...
Red Atlas information
See salary details
$101.5K - $108.7K
4% of jobs
$108.7K - $116K
17% of jobs
$117.5K is the 25th percentile. Wages below this are outliers.
$116K - $123.2K
16% of jobs
$123.2K - $130.4K
9% of jobs
The median wage is $132.4K / yr.
$130.4K - $137.6K
14% of jobs
$137.6K - $144.9K
12% of jobs
$149.8K is the 75th percentile. Wages above this are outliers.
$144.9K - $152.1K
4% of jobs
$152.1K - $159.3K
3% of jobs
$159.3K - $166.5K
6% of jobs
$166.5K - $173.8K
8% of jobs
$173.8K - $181K
6% of jobs
$101.5K
$138K
$181K
How much do red atlas jobs pay per year?
What is the highest paying space job?
What are the key skills and qualifications needed to thrive as a Red Atlas, and why are they important?
What services does Red Atlas Associates provide?
What jobs will be eliminated in the next 10 years?
What jobs pay 500,000 a year in the US?
What are Red Atlas jobs?

Job description
The Information Security organization at Postman operates across three pillars: Governance Risk & Compliance (GRC), Product Security, and Security Operations. We are a team of builders, not checkbox-checkers. We hold active SOC 2 Type II, ISO 27001, ISO 42001, and HIPAA compliance postures, and we are pursuing FedRAMP High and CMMC Level 2 authorization. Our security stack includes Wiz, SentinelOne, Okta, Jamf, and 1Password, and we operate across a multi-cloud environment.
The Offensive Security team is the "red" pulse of this organization. We don't just find bugs - we simulate the adversary to ensure our defenses hold up under real-world pressure. We focus on continuous security validation, AI-augmented adversary emulation, and offensive AI security research at Postman's scale.
The OpportunityWe are looking for a Principal Offensive Security Engineer who is as much a strategist as they are a hacker. You will own the strategic direction of Postman's offensive security program - including building out a dedicated Offensive AI Security capability from the ground up - and operate as a key partner to CISO leadership on threat-informed defense strategy.
This is not a role where you inherit a mature program and keep the lights on. You will shape what offensive security looks like at Postman for the next three years, with a specific mandate to make us an industry leader in adversarial testing of AI systems, agentic workflows, and LLM integrations.
You will lead a team that doesn't just "report" vulnerabilities but "demonstrates" them, using live exploits to build a deep, visceral security culture across the entire engineering organization.
What You'll DoStrategy & Program OwnershipSet Strategic Direction:Â Define and execute the multi-year offensive security roadmap, aligning Red Team, Purple Team, and continuous validation capabilities to Postman's evolving threat landscape and business priorities.
Build the Offensive AI Security Practice:Â Stand up and scale a dedicated offensive capability targeting AI/ML systems. This includes adversarial testing of LLM integrations, agentic workflows (MCP, tool-use chains), RAG pipelines, and model-serving infrastructure. You will define the methodology, tooling, and engagement frameworks from the ground up.
Develop AI Threat Intelligence:Â Track and operationalize the rapidly evolving AI threat landscape - OWASP LLM Top 10, MITRE ATLAS, emerging attack research on agentic systems - translating external research into internal red team playbooks and detection hypotheses for Security Operations.
Red Team AI Systems at Depth:Â Go beyond checkbox assessments. Lead structured adversarial campaigns against Postman's LLM deployments, AI agents, and model pipelines - targeting prompt injection, tool-use abuse, data exfiltration via context manipulation, training data poisoning, model manipulation, and trust boundary violations in multi-agent architectures.
Architect Autonomous Testing:Â Design and deploy AI-based penetration testing platforms and autonomous agents to perform continuous security validation across our API ecosystem.
Continuous Validation:Â Move from manual pentesting to Continuous Offensive Security, integrating automated breach and attack simulation (BAS) into CI/CD pipelines, including AI model deployment pipelines.
Lead & Cultivate:Â Build, manage, and scale a high-performing team of offensive security engineers - including specialized AI red team operators - providing mentorship, career development, and succession planning.
Recruit for the Future:Â Identify and hire talent at the intersection of offensive security and AI/ML - a rare and competitive talent market. Build a pipeline that includes internal development paths for existing security engineers to cross-skill into AI red teaming.
Drive Security Culture through "The Show":Â Lead live "Exploitable Demonstrations" - technical proof-of-concepts presented to engineering teams that show exactly how a vulnerability could be leveraged, turning abstract risks into tangible learning moments. Place particular emphasis on demystifying AI-specific attack vectors for non-ML engineers.
Executive Communication:Â Translate offensive findings into business-level risk narratives for executive leadership, the board, and external stakeholders. Partner with GRC on audit evidence and compliance posture derived from offensive operations, including AI-specific risk frameworks (ISO 42001).
Cross-Functional Partnership:Â Operate as a senior technical leader across Product Security, Security Operations, and Engineering, ensuring offensive findings - especially from AI red team engagements - drive measurable improvements in detection, response, and architecture.
Experience:Â Minimum of 8 years in offensive security (penetration testing, red teaming, vulnerability research, or exploit development) with at least 4 years in a people management or leadership capacity, including experience managing managers or tech leads.
AI/ML Offensive Depth:Â Demonstrated experience attacking AI/ML systems - whether through adversarial ML research, LLM red teaming, agentic system exploitation, or building offensive tooling for AI targets. You understand the difference between prompt injection and indirect prompt injection, know what a tool-use confusion attack looks like, and can articulate why RAG poisoning is a supply chain problem.
Strategic Acumen:Â Demonstrated ability to build and scale an offensive security program from the ground up or significantly mature an existing one. Experience setting OKRs, managing budgets, and presenting to executive leadership.
Adversarial Mindset:Â Deep understanding of the modern threat landscape and how to apply it to cloud-native, API-first environments - extended to AI-native architectures.
AI Offensive Tooling Fluency:Â Hands-on experience with AI-augmented pentesting tools (e.g., PentestGPT, Horizon3, custom LLM-based fuzzing) and purpose-built AI red team frameworks (e.g., Microsoft PyRIT, Garak, custom harnesses). Understanding of how to manage non-deterministic AI outputs in both offensive tooling and target systems.
Pragmatic Storytelling:Â You believe that a well-executed exploit demo is more effective than a 50-page PDF. You can present a complex exploit chain - including an AI-specific attack path - to a room of developers in a way that is inspiring, not condescending.
Engineering Fluency:Â You prefer building an automated "exploit-as-code" validator over performing the same manual test twice. You can architect evaluation harnesses and adversarial test suites for ML models.
Industry Presence:Â Track record of contributions to the offensive security or AI security community - conference talks (DEF CON, Black Hat, BSides, RSA), tool releases, published research, CVEs, or active participation in OWASP, MITRE, or similar working groups.
Certifications:Â OSCP, OSCE, OSEP, GXPN, GPEN, CRTP, or equivalent hands-on offensive certifications. AI/ML-specific credentials (e.g., GIAC GMAI) are a differentiator.
Cloud Security Expertise:Â Deep familiarity with AWS security primitives, cloud-native attack paths, and container/Kubernetes exploitation.
API Security Depth:Â Experience with API-specific attack methodologies - BOLA, BFLA, mass assignment, GraphQL abuse, gRPC exploitation - reflecting Postman's core product domain.
Compliance Awareness:Â Familiarity with how offensive security outputs map to SOC 2 Type II, ISO 27001, ISO 42001, FedRAMP, or CMMC control evidence. You don't run GRC, but you know how to feed it.
The reasonably estimated base salary for this role ranges from $275,000 to $300,000, plus a competitive equity package. Actual compensation is based on the candidate's skills, qualifications, and experience.Â
About Postman
Sourced by ZipRecruiter
Industry
Software development
Company size
501 - 1,000 Employees
Headquarters location
San Francisco, CA, US
Year founded
2014