[Hiring] Machine Learning Security Researcher @Trail of Bits

Role Description

Trail of Bits seeks a Machine Learning Security Researcher within our growing AI Assurance team. This role involves conducting cutting-edge security research on machine learning systems deployed by the world's most sophisticated AI organizations. The position focuses on identifying novel attack vectors, failure modes, and security vulnerabilities in state-of-the-art ML systems—from training pipelines and model architectures to deployment infrastructure and inference systems.

• Conduct original security research on cutting-edge machine learning systems, identifying novel attack vectors including adversarial examples, model poisoning, data extraction attacks, and jailbreaks for large language models and other foundation models.
• Work directly with top-tier AI organizations (frontier labs, leading AI companies) to assess the security posture of their most advanced ML systems, providing expertise that matches their internal research capabilities.
• Design and build novel security testing frameworks, evaluation methodologies, and open-source tools specifically for AI/ML security research—including adversarial robustness testing, model extraction detection, and automated vulnerability discovery systems.
• Develop comprehensive threat models for emerging AI/ML deployment patterns, anticipate future attack vectors, and establish security frameworks that can scale with rapidly evolving AI capabilities.
• Publish findings, present at security and AI/ML conferences, and contribute to the broader AI/ML security research discourse through papers, blog posts, and open-source contributions.
• Bridge AI/ML research and security engineering, translating complex adversarial AI/ML concepts to diverse stakeholders and working closely with Trail of Bits' broader security research teams.

Qualifications

• PhD-level expertise (completed, near completion, or equivalent research experience) in machine learning, deep learning, or related fields with demonstrated research contributions.
• Strong understanding of adversarial machine learning, including familiarity with attack paradigms such as evasion attacks, poisoning attacks, model inversion, membership inference, backdoor attacks, or prompt injection/jailbreaking techniques.
• Extensive hands-on experience with modern ML frameworks (PyTorch, JAX, TensorFlow), transformer architectures, training methodologies, and the full ML development lifecycle from data pipelines to deployment.
• Track record of high-quality research demonstrated through publications, preprints, open-source contributions, or other artifacts that the ML community recognizes.
• Strong software engineering skills in Python and at least one systems language (C/C++, Rust, or similar), with experience building research prototypes and tooling.
• Demonstrated ability to quickly learn new domains, identify security-critical edge cases, and think adversarially about complex systems without needing an explicit application security background.
• Ability to distill complex AI/ML security research into clear, actionable recommendations for technical and executive audiences, and present findings to sophisticated clients who are themselves AI/ML experts.

Requirements

• The base salary for this full-time position ranges from $175,000 to $300,000, excluding benefits and potential bonuses.
• Various factors influence our salary ranges, including the specific role, level of seniority, geographic location, and the nature of the employment contract.
• An individual's specific work location, unique skills, experience, and relevant educational background will determine the final offer within this range.
• The presented salary range encompasses the starting salaries for all U.S. locations.
• For a precise salary estimate tailored to your preferred location, please discuss it with your recruiter during the hiring process.

Benefits

• Competitive salary complemented by performance-based bonuses.
• Fully company-paid insurance packages, including health, dental, vision, disability, and life.
• A solid 401(k) plan with a 5% match of your base salary.
• 20 days of paid vacation with flexibility for more, adhering to jurisdictional regulations.
• 4 months of parental leave to cherish the arrival of new family members.
• $10,000 in relocation assistance to support your transition if moving to NYC.
• $1,000 Working-from-Home stipend to create a comfortable and productive home office.
• Annual $750 Learning & Development stipend for continuous personal and professional growth.
• Company-sponsored all-team celebrations, including travel and accommodation, to foster community and recognize achievements.
• Philanthropic contribution matching up to $2,000 annually.

Company Description

Since 2012, Trail of Bits has helped secure some of the world's most targeted organizations and devices. We combine high-end security research with a real-world attacker mentality to reduce risk and fortify code.

• We help our clientele — ranging from Facebook to DARPA — lead their industries.
• Their dedicated security teams come to us for our foundational tools and deep expertise in reverse engineering, cryptography, virtualization, malware, and software exploits.
• We may audit their products or networks, consult on modifications necessary for a secure deployment, or develop the features that close their security gaps.
• We believe the most meaningful security gains hide at the intersection of human intellect and computational power.