Bestkaam Logo
Back to Jobs
Elantis

AI Security Researcher (Offensive AI / AI Asset Hunter)

Actively Reviewing

Elantis

India Part-Time 2–4 yrs exp Posted 1 day ago  · Apply by Sep 14, 2026

Technical Hiring Test (Take-Home Assessment)

Objective

Using only publicly available information, identify AI-related security risks for three U.S.-based companies.

Company Criteria

  • Headquarters in the United States
  • 200–2,000 employees
  • Publicly accessible GitHub organization or repositories
  • Evidence of production AI usage (agents, MCP, RAG, AI workflows, AI automation, or LLM applications)

Rules

Do NOT:

  • Scan live infrastructure
  • Probe production systems
  • Exploit vulnerabilities
  • Attempt authentication bypass
  • Perform active penetration testing

Use public artifacts only, including:

  • GitHub repositories
  • Documentation
  • Engineering blogs
  • Docker images
  • Public APIs
  • Public configuration files
  • Public AI documentation

Deliverables

For each company provide:

  • Company name
  • Website
  • Approximate employee count
  • GitHub organization
  • Evidence of AI usage
  • AI assets discovered
  • Security observations
  • Risk rating (Low/Medium/High)
  • Screenshots or repository links supporting each observation
  • Suggested remediation

Examples of Findings

Examples include (but are not limited to):

  • Prompt injection opportunities
  • Tool poisoning risks
  • Missing guardrails
  • Over-privileged AI agents
  • Unsafe MCP configurations
  • Insecure RAG architecture
  • Excessive tool permissions
  • Secrets or credentials exposed in repositories
  • Weak authorization controls
  • Unsafe agent execution patterns
  • AI supply-chain weaknesses
  • Unsafe CI/CD workflows for AI systems



Evaluation Criteri

aArea: Weigh

  • tAI asset discovery capability: 25
  • %Technical depth: 20
  • %Accuracy of findings: 20
  • %Quality of evidence:15
  • %Automation and tooling: 10
  • %Reporting quality: 10

%Important: We value responsible disclosure and accurate analysis over the number of findings. Unsupported claims or speculative vulnerabilities will not receive credit


.
We are looking for an offensive security researcher who enjoys breaking AI systems before attackers d

o.Your primary responsibility is to discover publicly exposed AI assets belonging to enterprise organizations and identify security weaknesses using only publicly available information. You will investigate GitHub repositories, AI applications, agent frameworks, public cloud assets, APIs, documentation, Docker images, MCP servers, and exposed AI infrastructur

e.This is a hands-on research position combining offensive security, OSINT, AI engineering, and automatio

n.What You'll

  • DoHunt for publicly exposed AI assets across enterprise organizatio
  • nsDiscover AI agents, LLM applications, MCP servers, RAG systems, prompt repositories, AI APIs, and model deploymen
  • tsAnalyze public GitHub repositories for AI-related security weakness
  • esBuild automation to enumerate AI assets across domains and repositori
  • esPerform offensive security research against AI applications using only public artifac
  • tsProduce reproducible technical reports with proof-of-concept findin
  • gsDevelop internal tooling for AI asset discovery and risk analys
  • isStay current on emerging AI attack techniques and AI security resea

rcAreas You Will Investiga

teYou should be comfortable identifying risks such a

  • s:Tool poisoning exposu
  • reExcessive permission scop
  • esPrompt injection pat
  • hsIndirect prompt injection ris
  • ksAuthentication and authorization ga
  • psSecret management weakness
  • esUnsafe tool execution patter
  • nsOver-privileged AI agen
  • tsData exposure ris
  • ksAI supply-chain ris
  • ksUnsafe Model Context Protocol (MCP) configuratio
  • nsInsecure Retrieval-Augmented Generation (RAG) implementatio
  • nsMissing guardrails and policy enforceme
  • ntHardcoded API keys or AI credentia
  • lsInsecure vector database exposu
  • reExcessive AI agent capabiliti
  • esUnsafe autonomous workflo
  • wsAgent memory leaka
  • geAI plugin security weakness
  • esModel endpoint exposu
  • rePublic model weights or checkpoin
  • tsInsecure AI pipelin
  • esAI infrastructure misconfiguratio

nsRequired Skil

  • ls1–3 years of cybersecurity or offensive security experien
  • ceStrong GitHub reconnaissance skil
  • lsExperience with Pyth
  • onFamiliarity with AI frameworks such a
  • s:LangCha
  • inLangGra
  • phCrew
  • AIAutoG
  • enLlamaInd
  • exOpenAI Agents S
  • DKMCP (Model Context Protoco
  • l)Knowledge of LLM architecture and agentic
  • AIUnderstanding of prompt injection and AI threat mode
  • lsExperience usin
  • g:GitHub Sear
  • chGitHub A
  • PISemgr
  • epCode
  • QLTruffleH
  • ogGitlea
  • ksNucl
  • eiShod
  • anCens
  • ysBurp Sui
  • teFamiliarity with OWASP Top 10 for LLM Applications and AI security concepts (Greenhous


e)
Nice to H

  • aveBug bounty experie
  • nceCTF participat
  • ionAI red team
  • ingMCP security test
  • ingRAG security test
  • ingCloud security (AWS/Azure/G
  • CP)Kuberne
  • tesDoc
  • kerExperience building autonomous AI age


nts