Blue Yonder Overview:

• Leading AI-driven Global Supply Chain Solutions Software Product Company and one of Glassdoor’s “Best Places to Work”

What you’ll do:

• Conduct manual and automated penetration testing on BY web applications, APIs.
• Conduct comprehensive penetration tests on AI systems, including machine learning models, natural language processing applications, and AI-driven platforms.
• Simulate attacks to identify vulnerabilities and weaknesses in AI algorithms, data handling, and system architecture.
• Identifying and exploiting vulnerabilities in LLM-based applications, such as prompt injection or adversarial attacks.
• Evaluating the security of ML models by identifying vulnerabilities, such as evasion, poisoning, model extraction attacks, etc.
• Performing technical research including analysis of current attack and safety trends and solutions to evaluate, detect and mitigate risk in AI implementations.
• Perform risk assessments to evaluate the security posture of AI solutions.
• Assess the security of data used for training AI models, ensuring data integrity and privacy.
• Provide guidance on secure AI development practices and assist in the integration of security measures.
• Contribute to the development of new testing methodologies and tools specific to AI security.
• Ensure adherence to industry standards, regulations, and best practices related to AI security.
• Evaluate the effectiveness of existing security controls and suggest improvements.
• Understand and able to calculate risk for vulnerabilities using risk rating methodologies like CVSS.
• Good in report preparation with executive summary and technical details.
• Managing vulnerabilities found during the penetration testing activities, getting the remediation plan within timelines, and helping the team in fixing them.
• Work with development teams to ensure false positives are verified and documented.
• Research and recommend fixes for issues/vulnerabilities identified during the penetration testing.
• Conduct research on new vulnerabilities and threats regularly to improve oneself capabilities.
• Maintain a professional working relationship with other departments through clear communication and project level collaborations.
• Collaborates with information security, product development teams, customer support, and Blue Yonder customers to resolve security related issues/concerns.

What we are looking for:

• 10+ years of web application penetration testing and API security testing.

• Expert knowledge of application vulnerabilities, exploits, and remediation techniques

• Strong understanding of AI and machine learning algorithms and their security implications.

• Experience in pentesting ML systems, assessing the security posture of AI-driven applications and suggesting improvements.

• Expert knowledge of OWASP TOP 10 and OWASP TOP 10 for LLM.

• Excellent communication skills

Our Values

If you want to know the heart of a company, take a look at their values. Ours unite us. They are what drive our success – and the success of our customers. Does your heart beat like ours? Find out here: Core Values

Diversity, Inclusion, Value & Equity (DIVE) is our strategy for fostering an inclusive environment we can be proud of. Check out Blue Yonder's inaugural Diversity Report which outlines our commitment to change, and our video celebrating the differences in all of us in the words of some of our associates from around the world.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.