About the AI Security Institute
The AI Security Institute is the world's largest and best-funded team dedicated to understanding advanced AI risks and translating that knowledge into action. We're in the heart of the UK government with direct lines to No. 10 (the Prime Minister's office), and we work with frontier developers and governments globally.
We're here because governments are critical for advanced AI going well, and UK AISI is uniquely positioned to mobilise them. With our resources, unique agility and international influence, this is the best place to shape both AI development and government action.
The deadline for applying to this role is Sunday 8 March 2026, end of day, anywhere on Earth.
About the Team
As AI systems grow more capable and autonomous, understanding how humans could lose the ability to oversee, correct, or shut down these systems becomes critical – as does identifying what we can do to prevent it. Loss-of-control risk models remain far less developed than those in comparable domains like cybersecurity and chem-bio, and practical mitigations remain under-explored (especially beyond traditional alignment and control work).
We are building a new team to close this gap. The new Loss of Control Risk Modelling and Mitigations team will develop rigorous models of how loss of control could occur, identifying practical mitigations with a focus on measures the UK government are well-placed to implement. We will draw on expertise only available within government – especially the national security community – to develop risk models and mitigations far more developed than those in academia or industry.
The hiring manager for this role is Benjamin Hilton; the team is advised by Geoffrey Irving. You'll collaborate closely with researchers across AISI's red teams, evaluation teams, and alignment team, as well as with government stakeholders.
Related previous publications from AISI include the International AI Safety Report, the Frontier AI Trends Report, as well as: adapting vulnerability disclosure for AI safeguards, safety cases for cyber misuse risk from frontier AI, a sketch of an AI control safety case, an alignment safety case sketch based on debate, and evaluations of autonomous replication capabilities.
About the Role
Your work will draw on empirical evidence from AISI's evaluations, alongside the broader cybersecurity and ML literature to develop detailed and precise threat models and mitigations. You'll need to reason carefully about complex and uncertain scenarios and communicate findings clearly to both technical researchers and policy decision-makers. Some projects may also involve hands-on ML or cybersecurity work, in collaboration with government partners, to develop mitigations.
We are open to hires at junior, senior, staff, and principal research scientist levels. We may also make an offer to particularly promising candidates with management experience to lead the workstream in a management role.
Representative projects you might work on
1. Developing detailed models of specific loss-of-control scenarios — such as deceptive alignment during internal deployment, or a long-horizon agentic cyberattack — specifying their causal structure, key assumptions, and plausibility given current and projected AI capabilities and propensities.
2. Translating risk models and associated uncertainties into specifications for AISI's red teams and evaluation teams — identifying the tests that would provide the most informative evidence about whether specific risk pathways are viable.
3. Analysing the effectiveness of mitigations — such as monitoring infrastructure, compute governance, deployment guidelines, or containment protocols — drawing on input from national security stakeholders, and assessing which risk pathways remain plausible once mitigations are in place.
4. Collaborating and communicating with government and national security stakeholders to develop and implement possible interventions, in parti.
What we're looking for
The experiences listed below should be interpreted as examples of the expertise we're looking for, as opposed to a list of everything we expect to find in one applicant:
You may be a good fit if you have:
5. Experience producing detailed threat models, risk analyses, safety cases, or similar structured analytical work — in AI safety, cybersecurity, national security, or another domain.
6. A track record of published research or substantial written analysis demonstrating rigorous reasoning about complex, uncertain topics.
7. Strong written communication - an ability to present complex technical arguments clearly to both technical and non-technical audiences.
8. Deep familiarity with cybersecurity and the ways in which it will be impacted by high-capability AI agents; alternatively with the AI alignment and AI safety literature, including existing work on loss of control, deception, power-seeking, scalable oversight, and AI control.
9. A sense of mission, urgency, and responsibility for success.
10. An ability to bring your own research ideas and work in a self-directed way, while also collaborating effectively and prioritising team efforts over extensive solo work.
Strong candidates may also have:
11. Hands-on experience with large language models (e.g., training, fine-tuning, evaluation, or red-teaming), providing concrete understanding of current model capabilities and limitations.
12. Familiarity with AI capability evaluations and benchmarking methodologies.
13. Desire to (and experience with) improve teams through mentoring and feedback.
Security clearance
We have a preference for candidates eligible for UK government SC clearance which typically requires residence in the UK for at least the last 2 years. You may also be required to undergo Developed Vetting (DV) which typically requires a longer period of UK residency (at least 5 years).
Other core requirements
14. You should be able to spend at least 9 days per fortnight working with us.
15. You should be willing to work from our office in London (Whitehall) at least 3 days/week.
16. You should be UK-based.
What We Offer
Impact you couldn't have anywhere else
17. Incredibly talented, mission-driven and supportive colleagues.
18. Direct influence on how frontier AI is governed and deployed globally.
19. Work with the Prime Minister's AI Advisor and leading AI companies.
20. Opportunity to shape the first & best-resourced public-interest research team focused on AI security.
Resources & access
21. Pre-release access to multiple frontier models and ample compute.
22. Extensive operational support so you can focus on research and ship quickly.
23. Work with experts across national security, policy, AI research and adjacent sciences.
Growth & autonomy
24. If you're talented and driven, you'll own important problems early.
25. 5 days off learning and development, annual stipends for learning and development and funding for conferences and external collaborations.
26. Freedom to pursue research bets without product pressure.
27. Opportunities to publish and collaborate externally.
Life & family*
28. Modern central London office (cafes, food court, gym), or where applicable, option to work in similar government offices in Birmingham, Cardiff, Darlington, Edinburgh, Salford or Bristol.
29. Hybrid working, flexibility for occasional remote work abroad and stipends for work-from-home equipment.
30. At least 25 days' annual leave, 8 public holidays, extra team-wide breaks and 3 days off for volunteering.
31. Generous paid parental leave (36 weeks of UK statutory leave shared between parents + 3 extra paid weeks + option for additional unpaid time).
32. On top of your salary, we contribute 28.97% of your base salary to your pension.
33. Discounts and benefits for cycling to work, donations and retail/gyms.
*These benefits apply to direct employees. Benefits may differ for individuals joining through other employment arrangements such as secondments.
Salary
Annual salary is benchmarked to role scope and relevant experience. Most offers land between £65,000 and £145,000 made up of a base salary plus a technical allowance (take-home salary = base + technical allowance). An additional 28.97% employer pension contribution is paid on the base salary.
This role sits outside of the DDaT pay framework given the scope of this role requires in depth technical expertise in frontier AI safety, robustness and advanced AI architectures.
The full range of salaries are available below:
34. Level 3: £65,000–£75,000 (Base £35,720 + Technical Allowance £29,280–£39,280)
35. Level 4: £85,000–£95,000 (Base £42,495 + Technical Allowance £42,505–£52,505)
36. Level 5: £105,000–£115,000 (Base £55,805 + Technical Allowance £49,195–£59,195)
37. Level 6: £125,000–£135,000 (Base £68,770 + Technical Allowance £56,230–£66,230)
38. Level 7: £145,000 (Base £68,770 + Technical Allowance £76,230)
-----------------------------------
Additional Information
Use of AI in Applications
Artificial Intelligence can be a useful tool to support your application, however, all examples and statements provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, as your own) applications may be withdrawn and internal candidates may be subject to disciplinary action. Please see our candidate guidance for more information on appropriate and inappropriate use.
Internal Fraud Database
The Internal Fraud function of the Fraud, Error, Debt and Grants Function at the Cabinet Office processes details of civil servants who have been dismissed for committing internal fraud, or who would have been dismissed had they not resigned. The Cabinet Office receives the details from participating government organisations of civil servants who have been dismissed, or who would have been dismissed had they not resigned, for internal fraud. In instances such as this, civil servants are then banned for 5 years from further employment in the civil service. The Cabinet Office then processes this data and discloses a limited dataset back to DLUHC as a participating government organisations. DLUHC then carry out the pre employment checks so as to detect instances where known fraudsters are attempting to reapply for roles in the civil service. In this way, the policy is ensured and the repetition of internal fraud is prevented. For more information please see - Internal Fraud Register.
Security
Successful candidates must undergo a criminal record check and get baseline personnel security standard (BPSS) clearance before they can be appointed. Additionally, there is a strong preference for eligibility for counter-terrorist check (CTC) clearance. Some roles may require higher levels of clearance, and we will state this by exception in the job advertisement. See our vetting charter here.
Nationality requirements
We may be able to offer roles to applicant from any nationality or background. As such we encourage you to apply even if you do not meet the standard nationality requirements (opens in a new window).
Working for the Civil Service
The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants. We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window). The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.
Diversity and Inclusion
The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan (opens in a new window) and the Civil Service Diversity and Inclusion Strategy (opens in a new window).