Offensive AI Researcher

See yourself in our team:

The Offensive AI team (in the Cyber Defence Operations department) will primarily:

• Perform security reviews of systems across the Group, with a focus on AI capability
• Perform research into emerging and novel attack techniques, and
• Support other offensive security operations throughout the Group.

This function's remit spans all technical facets of offensive security (web app testing, infrastructure testing, mobile testing, new-to-market research, coding, offensive techniques, code review, rapid prototyping, etc), as well as the nuances of a consulting-based role where the team is invited to comment on approaches and techniques more broadly.

Offensive AI team members should have deep technical knowledge of both offensive cyber-security and AI/ML concepts, extensive experience with technical security testing, experience with GenAI and ML technology, strong communication and process skills, advanced risk management skills and the drive to impart positive risk change across the Bank (with the awareness and experience of how to do so).

Do work that matters:

Deep dive into complex technical problems using your creativity and reasoning. Work with cutting-edge technologies and bespoke in-house frameworks, to find weaknesses and areas of security improvement ahead of the adversary. Build sophisticated offensive security capabilities to demonstrate your findings. Be recognised as a trusted and professional source of truth for the business.

Your responsibilities

• Plan and perform self-directed security assessments against systems across the Group to identify both technical and process weaknesses, with a focus on AI systems.
• Plan, perform and communicate research into new AI-related cyber security concepts which are relevant to Group technologies, and devise methodologies for related security testing activities.
• Research and develop novel attack techniques and scenarios, execute them with a high degree of fidelity, and demonstrate them to your peers.
• Deep dive sharing of specialist technical and non-technical cyber knowledge with various audiences.
• Represent Group views on cyber-attack and security testing both internally and externally.
• Write comprehensive reports including assessment-based findings, outcomes, and propositions for further system security enhancement.

What you will need to succeed:

• A strong sense of ownership and professionalism in your work
• A solid moral compass, a developed sense of when to ask “should we?”, and impeccable trustworthiness
• Experience in an offensive security role for at least 5 years
• Experience working with GenAI and ML based technology
• The ability to work effectively with both highly technical team members and non-technical business stakeholders
• An ability to think creatively, to develop novel attack scenarios and techniques for AI systems outside of traditional cyber attack vulnerability classes.

We are looking for a talented cyber security professional who is ready to step into a highly skilled, highly performing team and hit the ground running.

We are currently assessing candidates from Sydney and Melbourne regions.

Advertising End Date: 13/03/2025