AI Security Research Intern

Position:

Location:

Duration:

Department:

Reporting To:

Stipend:

About Us:

Bulwarkers specializes in providing comprehensive cybersecurity solutions, offering expertise in Vulnerability Assessments and Penetration Testing, and strategic security measures.

Role Overview:

AI Security Research Intern

Key Responsibilities:

1. Cloud AI Services Research

• Explore and document AI/ML services across

  Azure, AWS, Google Cloud, and other major cloud providers

  .
• Identify active and inactive AI services within cloud environments and collect deployment details (resource ID, instance type, metadata, guardrails, and related configurations).

2. Technical Deep-Dive Analysis

• Perform end-to-end analysis of each AI service to understand:
• Service purpose and architecture
• Supported models (e.g., GPT-3.5, GPT-4, custom models, vision models)
• Input/Output behavior
• Security features, guardrails, and content-safety modules

3. API & SDK Enumeration

• Identify available APIs, endpoints, parameters, and response patterns for each AI service.
• Explore official SDKs (Python, Node.js, Go, etc.) and understand authentication mechanisms.

4. Metadata & Configuration Analysis

• Extract and analyze metadata for AI services, including:
• Model versions
• Deployment region
• Network configuration
• Access control settings
• Logging and monitoring settings

5. Misconfiguration Detection

• Evaluate AI service configurations to detect:
• Access control weaknesses
• Unrestricted endpoint exposure
• Lack of content-safety controls
• Improper network/firewall settings
• Weak authentication mechanisms
• Document findings with clear pass/fail criteria.

6. Security Control Development

• Convert metadata analysis into

  testable security controls

  for AI security evaluation.
• Create baseline security benchmarks for AI services across cloud providers.

7. Threat Modeling

• Conduct

  threat modeling for AI systems

  , focusing on:
• Model misuse and prompt-based attacks
• Data poisoning risks
• Model inversion
• Unauthorized access
• Abuse of deployed AI endpoints
• Propose mitigations based on recognized AI threat frameworks.

8. Hands-On Research & Prototyping

• Build minimal PoCs to test API behaviors, content-safety features, and service guardrails.
• Validate security findings using SDKs, scripts, Postman, and cloud CLI tools.

Qualifications:

Technical Skills

• Basic understanding of

  cloud platforms

  (Azure/AWS/GCP).
• Good programming knowledge in

  Python or Node.js

  .
• Familiarity with REST APIs and SDK usage.
• Understanding of AI/ML concepts (models, training, inference).
• Knowledge of authentication (OAuth2.0, API Keys, IAM roles) is a plus.

Security Skills (Preferred)

• Understanding of cloud security fundamentals.
• Familiarity with security misconfigurations and risk assessment.
• Basic knowledge of AI security concepts (prompt injection, data leakage, etc.) is preferred but not mandatory.

Soft Skills

• Strong analytical and problem-solving ability.
• Good research and documentation skills.
• Ability to work independently and meet research deadlines.

What You Will Learn:

• Deep understanding of AI security across cloud ecosystems.
• Hands-on experience with Azure OpenAI, AWS Bedrock, GCP Gemini, and other AI services.
• Real-world exposure to AI misconfigurations and threat modeling.
• Building security controls, benchmarks, and testable validations for AI services.
• Developing automation scripts for cloud and AI security checks.

Ideal Candidate:

AI, security, and cloud technologies

How to Apply:

career@bulwarkers.com