Founded in 2019, Rock Bund Capital is a proprietary trading firm deeply committed to shaping the future of the cryptocurrency industry. We have an average daily trading volume reaching $1 billion and peak daily trading volume of $9 billion USD. We process over 15 million transactions daily, trading more than 1,000 symbols across major CEx and DEx.
Our team combines expertise in traditional finance, quantitative research, and advanced engineering with a deep understanding of blockchain technology. This unique blend enables us to excel in trading across complex crypto markets, including both CeFi and DeFi, while providing capital and strategic guidance to projects that drive innovation and foster sustainable growth in the crypto industry.
Requirements Review & Security Design: Lead security reviews, threat modeling, and penetration testing for AI Agents. Design and implement defense mechanisms against emerging threats, including tool abuse, context contamination, data poisoning, and prompt injection.
Automated Security Tooling: Design and develop AI-powered automated security detection tools. Utilize Machine Learning (ML) and Deep Learning (DL) techniques to enhance threat detection, anomalous behavior analysis, and vulnerability discovery efficiency.
Security Operations & Auditing: Participate in building Agent behavior auditing and anomaly detection systems to identify runtime malicious behavior chains. Help construct an AI-driven Security Operations platform to automate alert triage, attack attribution, and incident response strategy generation.
Security Guardrails Implementation: Co-design and implement Agent security guardrails, including input filtering, output sanitization, tool call permission controls, and sandbox isolation.
Frontier Research & Adversarial Defense: Track and research cutting-edge security threats in the AI/Agent ecosystem (e.g., prompt injection, tool abuse, privilege escalation, data exfiltration, supply chain attacks). Explore, design, and deploy robust defense solutions tailored to real-world business scenarios.
Experience: Minimum of 3 years of experience in security development or penetration testing, with at least 1 year dedicated to LLM/AI security offense and defense. Proven Red Teaming or real-world adversarial experience is highly preferred.
Frameworks: Deep familiarity with security frameworks such as OWASP Top 10 for LLM and MITRE ATT&CK. Strong understanding of common AI attack vectors, adversarial logic, and mitigation strategies, paired with a strong passion for AI security.
Domain Knowledge: Familiarity with the entire AI product lifecycle (design, development, deployment, and operations). Understanding of cloud-native threat detection and standard infrastructure security. Prior experience in Web3 security and defense is a strong plus.
Technical Skills: Proficient in at least one programming language (e.g., Python, Go, C++). Capable of building custom security tools from scratch or heavily customizing/extending open-source security platforms.
Soft Skills: Exceptional communication, collaboration, and project management skills. A self-starter with strong continuous learning capabilities, able to own projects independently and convert bleeding-edge research into practical production defenses.
Proven track record in elite Red Teaming, or top-tier performance in major CTF/Cybersecurity competitions. Experience discovering and reporting high-severity vulnerabilities (e.g., CNVD/CNNVD, CVEs), or a record of publishing Web/AI security papers in top-tier conferences/journals, or filed patents.
Familiarity with mainstream AI frameworks and orchestration tools (e.g., PyTorch, TensorFlow, LangChain, LlamaIndex), with hands-on experience in local LLM deployment and optimization.
Competitive remuneration package and a meritocratic culture where accomplishments are rewarded
Fast-paced and results-oriented, with a flat structure
Teams collaborate in a casual working environment
Excellent exposure to the digital asset ecosystem and the latest market insight
Great career development opportunities
Disclaimer: We do not accept unsolicited resumes from any professional staffing or search firms. All resumes, or any other information identifying potential candidates, shared with any employee of Rock Bund Capital or its affiliates by any method without a standing signed supplier agreement will be deemed free to contact without restrictions, and no placement fee of any kind will be paid in the event the candidate is hired by Rock Bund Capital or any of its affiliates.