AI Engineer – Pentesting Agent
TryHackMe is the fastest-growing online cyber security training platform. Having only been around for handful of years, we've grown to more than 6 million users and are used by >1000 businesses (including governments and Fortune 500 companies like Google and Microsoft).
With a $1M starting budget we're developing a fully autonomous AI pentester that can plan, exploit, adapt, and report with the speed and precision required for modern offensive security. We’re looking for an engineer to join our small talented team to test and develop our agent.
You must have an interest in cyber security, be deeply curious, and passionate about AI agents.
The Role
You’ll be designing the system’s core logic, shaping its reasoning, decision paths, memory, and execution flow so it can handle complex offensive tasks reliably. Your day to day involves collaborating closely with an offensive security researcher to align the agent with real attacker workflows and improve how it identifies and exploits vulnerabilities.
What You’ll Do
* Contribute to the development and optimisation of our autonomous AI pentesting agent.
* Build and maintain safe environments to run, test, and benchmark agent behaviours.
* Implement core agent capabilities such as reasoning, decision-making, planning, and tool orchestration.
* Assist in evaluating and comparing large language models (Claude, OpenAI models, Mistral, Llama, etc) for agent tasks.
* Build UI components and dashboards using React and support browser automation workflows using Playwright for agent evaluation.
* Support continuous refinement of the agent through experimentation, observability, and lab testing.
What We’re Looking For
* 2+ years software development experience with strong Python skills
* Experience building AI agents (LangChain, CrewAI, Strands SDK, etc.)
* Hands‑on with agent design: reasoning, memory, tool orchestration, structured outputs
* Prompt engineering, RAG, chain‑of‑thought, few‑shot learning, agent evaluation
* SQL/NoSQL databases and basic data modeling
* Docker, AWS, cloud deployment, shell scripting
* React for frontend/dashboards
Bonus points
* Familiarity with OWASP Top 10
* Model training and fine‑tuning (LoRA, PEFT) with evaluation experience
* Cyber security expertise: OWASP attacks, pentesting methodologies
* Experience with TryHackMe or other CTF platforms
* Playwright for browser automation in agent workflows
Benefits
* Competitive salary
* Equity in the AI pentesting venture
* Early‑stage role with real ownership and autonomy
Please note that we are currently unable to provide sponsorship.
#J-18808-Ljbffr