AI Engineer - Pentesting Agent
Location: Preference for the UK or US
Remote | Full-time
Compensation: Competitive
Our client is the fastest-growing online cybersecurity training platform in the industry, currently serving more than 6 million users and over 1,000 global businesses, including government agencies and Fortune 500 organizations. With a significant initial investment, the organization is developing a fully autonomous AI pentesting agent designed to plan, exploit, adapt, and report with the speed and precision required for modern offensive security.
The team is seeking a talented AI Engineer to join a small, high-impact group dedicated to building this autonomous system from the ground up. This role is ideal for a deeply curious engineer with a passion for AI agents and a strong interest in the cybersecurity domain. The successful candidate will design the core logic of the system, shaping its reasoning, memory, and execution flows to handle complex offensive security tasks reliably.
Key Responsibilities
- Agent Development: Contribute to the design, development, and optimization of an autonomous AI pentesting agent, focusing on core logic and decision paths.
- Core Capabilities: Implement agent functions such as reasoning, complex planning, tool orchestration, and structured memory.
- Testing Infrastructure: Build and maintain secure environments to execute, test, and benchmark agent behaviors against offensive security scenarios.
- Model Evaluation: Assist in evaluating and comparing various Large Language Models (including Claude, OpenAI, Mistral, and Llama) to optimize specific agent tasks.
- Interface & Automation: Build UI components and dashboards using React and support browser automation workflows using Playwright for agent evaluation.
- Continuous Refinement: Support the iterative improvement of the agent through experimentation, observability, and rigorous lab testing.
- Collaborative Research: Work closely with offensive security researchers to align agent behaviors with real-world attacker workflows and vulnerability exploitation methodologies.
Interview Process
Introductory Call: A 30-minute session with the founder and the AI agent team.
Technical Evaluation: A one-hour technical exercise and a live discussion regarding previous work in building AI agents.
- Professional Experience: 2+ years of software development experience with a high level of proficiency in Python.
- AI Agent Expertise: Proven experience building AI agents utilizing frameworks such as LangChain, CrewAI, or similar SDKs.
- Agent Design: Hands-on experience with reasoning patterns, tool orchestration, memory management, and structured outputs.
- Advanced LLM Techniques: Proficiency in prompt engineering, Retrieval-Augmented Generation (RAG), chain-of-thought processing, and few-shot learning.
- Technical Stack: Experience with SQL/NoSQL databases, data modeling, Docker, AWS, cloud deployment, and shell scripting.
- Frontend Skills: Experience using React for developing frontends and analytical dashboards.
- Cybersecurity Interest: A demonstrable interest in cybersecurity; while deep expertise is not required, curiosity and a passion for the field are essential.
- Authorization: Our client is currently unable to provide visa sponsorship for this position.
Bonus Points
- Familiarity with the OWASP Top 10 vulnerabilities.
- Experience in model training and fine-tuning (e.g., LoRA, PEFT) and evaluation.
- Practical cybersecurity expertise in pentesting methodologies or CTF platforms.
- Experience using Playwright for browser automation in the context of agent workflows.
- Competitive Compensation: A market-leading salary package.
- Equity: Ownership stake in the AI pentesting venture.
- Autonomy: An early-stage role offering significant ownership over technical decisions and system architecture.
- Growth: The opportunity to work at the intersection of AI and cybersecurity within a rapidly scaling organization.
Due to the high volume of applications we anticipate, we regret that we are unable to provide individual feedback to all candidates. If you do not hear back from us within 4 weeks of your application, please assume that you have not been successful on this occasion. We genuinely appreciate your interest and wish you the best in your job search.
Commitment to Equality and Accessibility:
At MLabs, we are committed to offering equal opportunities to all candidates. We ensure no discrimination, accessible job adverts, and the provision of information in accessible formats. Our goal is to foster a diverse, inclusive workplace with equal opportunities for all. If you need any reasonable adjustments during any part of the hiring process, or you would like to see the job advert in an accessible format, please let us know at the earliest opportunity by emailing human-resources@mlabs.city.
MLabs Ltd collects and processes the personal information you provide, such as your contact details, work history, resume, and other relevant data, for recruitment purposes only. This information is managed securely in accordance with MLabs Ltd’s Privacy Policy and Information Security Policy, and in compliance with applicable data protection laws. Your data may be shared only with clients and trusted partners where necessary for recruitment purposes. You may request the deletion of your data or withdraw your consent at any time by contacting legal@mlabs.city.