AI Security Researcher

About Agoda

At Agoda, we bridge the world through travel. Our story began in 2005, when two lifelong friends and entrepreneurs, driven by their passion for travel, launched Agoda to make it easier for everyone to explore the world.

Today, we are part of Booking Holdings [NASDAQ: BKNG], with a diverse team of over 7,000 people from 90 countries, working together in offices around the globe. Every day, we connect people to destinations and experiences, with our great deals across our millions of hotels and holiday properties, flights, and experiences worldwide.

No two days are the same at Agoda. Data and technology are at the heart of our culture, fueling our curiosity and innovation. If you’re ready to begin your best journey and help build travel for the world, join us.

We are looking for an AI Security Researcher with a deep understanding of modern LLMs and Generative AI systems, with a strong offensive security mindset. You will focus on breaking, hardening, and securing AI systems, and working closely with engineering teams to design and implement robust AI security solutions.

Key Responsibilities:

• Design, execute, and document jailbreaks, prompt injection attacks, model evasion, data exfiltration, and other offensive techniques against chatbots and AI agents.
• Assess and attempt to compromise Model Context Protocol (MCP)–based systems and other tool-calling / plugin ecosystems.
• Build and automate security testing workflows involving multiple LLM models, APIs, and tools (e.g., Jupyter notebooks, orchestration frameworks).
• Perform offensive security testing and red teaming of AI-driven products, including API manipulation and integration abuse.
• Research and analyze security weaknesses in Large Language Models (LLMs), Generative AI systems, and their surrounding infrastructure.
• Contribute to in-house guardrail design: define, implement, and test safety and security guardrails for LLMs and AI automations.
• Propose and evaluate defensive controls: input/output filtering, policy enforcement, monitoring, anomaly detection, and non-AI controls to secure AI systems.
• Translate research findings into practical engineering requirements and collaborate closely with product and engineering teams to implement fixes and mitigations.
• Stay current with the OWASP Top 10 for LLM / GenAI and other emerging AI security standards, frameworks, and threat models.
• Produce clear technical documentation, proof-of-concepts, and internal knowledge sharing on AI security best practices and new attack/defense techniques.
  
  

What you'll Need to Succeed:

• Bachelors in Computer Science or related degree.
• Experience 2-5 years in offensive cybersecurity.
• Good communication skills in English to communicate security risks to other teams.
• Deep understanding of LLMs and Generative AI (architectures, prompt processing, context windows, system prompts, tool use, fine-tuning, RAG, etc.).
• Hands-on experience with jailbreaking and red-teaming chatbots and AI agents (e.g., prompt injection, role confusion, data leakage, safety bypasses).
• Strong offensive security background:
• Experience with API security testing and manipulation.
• Prior red teaming, penetration testing, or adversarial testing experience.
• Bug bounty / HackerOne or similar track record is a strong plus.
• Scripting knowledge (Python, PowerShell) and working with no-code flows for automation.
  
  

#sanfrancisco #sanjose #losangeles #sandiego #oakland #denver #miami #orlando #atlanta #chicago #boston #detroit #newyork #portland #philadelphia #dallas #houston #austin #seattle #sydney #melbourne #perth #toronto #vancouver #montreal #shanghai #beijing #shenzhen #prague #Brno #Ostrava #cairo #alexandria #giza #estonia #paris #berlin #munich #hamburg #stuttgart #cologne #frankfurt #hongkong #budapest #jakarta #bali #dublin #telaviv #milan #rome #venice #florence #naples #turin #palermo #bologna #tokyo #osaka #kualalumpur #malta #amsterdam #oslo #manila #warsaw #krakow #doha #alrayyan #riyadh #jeddah #mecca #medina #singapore #seoul #barcelona #madrid #stockholm #zurich #taipei #tainan #taichung #kaohsiung #bangkok #Phuket #istanbul #london #manchester #edinburgh #hcmc #hanoi #lodz #wroclaw #poznan #katowice #rio #salvador #newdelhi #bangalore #bandung #yokohama #nagoya #okinawa #fukuoka #jerusalem #IT #4

Discover More About Working At Agoda

• Agoda Careers https://careersatagoda.com
• Facebook https://www.facebook.com/agodacareers/
• LinkedIn https://www.linkedin.com/company/agoda
• YouTube https://www.youtube.com/agodalife
  
  

Equal Opportunity Employer

At Agoda, we pride ourselves on being a company represented by people of all different backgrounds and orientations. We prioritize attracting diverse talent and cultivating an inclusive environment that encourages collaboration and innovation. Employment at Agoda is based solely on a person’s merit and qualifications. We are committed to providing equal employment opportunity regardless of sex, age, race, color, national origin, religion, marital status, pregnancy, sexual orientation, gender identity, disability, citizenship, veteran or military status, and other legally protected characteristics.

We will keep your application on file so that we can consider you for future vacancies and you can always ask to have your details removed from the file. For more details please read our privacy policy.

Disclaimer

We do not accept any terms or conditions, nor do we recognize any agency’s representation of a candidate, from unsolicited third-party or agency submissions. If we receive unsolicited or speculative CVs, we reserve the right to contact and hire the candidate directly without any obligation to pay a recruitment fee.