Attacker Operations Center (AOC) Analyst
A successful Attacker Operations Center (AOC) Analyst at Armadin should possess an understanding of both offensive information security and artificial intelligence workflows. They should understand fundamental concepts such as web application architecture, authentication mechanisms, and network security, and be able to learn advanced concepts such as AI safety constraints, attacker data classification, and context-driven exploit validation. This is not a traditional "monitor the dashboard" defensive SOC job; this career is technical, offensive-focused, and challenging, with opportunities to work at the cutting edge of AI-driven red teaming alongside world-class red teamers. A typical shift could involve reviewing an AI attacker’s safety disengagement during a complex web application test, bypassing a sophisticated CAPTCHA to unblock an automated attack path, or providing the missing contextual judgment an AI needs to exploit a deep vulnerability. If you can rapidly evaluate applications, make critical safety judgments on the fly, think like a red teamer, and feed data back to engineering teams to improve AI models, then you’re the type of analyst we’re looking for.
As an Armadin AOC Analyst, you’ll get hands-on experience acting as the "human-in-the-loop" for complex security problems on a daily basis. We help our clients protect their most sensitive data through real-world, AI-driven scenario testing. The objective doesn’t end at launching the automated attacker; that is only the start.
WHAT YOU WILL DO
* Perform Disengagement Validation by reviewing AI attacker decisions to ensure each proposed action is appropriate and safe given the specific application context.
* Unblock AI authentication hurdles by providing necessary context, solving CAPTCHAs, or utilizing alternative avenues to establish access.
* Guide the AI during the reconnaissance phase and ensure Attack Data Classification is accurate and actionable.
* Serve as a critical feedback contributor, feeding your tactical decisions back into the system to help safety engineers calibrate models, reduce false positives, and maintain rigorous safety guarantees.
* Navigate and maintain deep context across multiple simultaneous client engagements.
Qualifications
MINIMUM REQUIREMENTS
* 1+ years’ experience, via internships, classes, projects, or professional work, in at least one of the following:
* Web application or network penetration testing
* Security Operations Center (SOC) or tactical monitoring environments
* Manual interaction with complex authentication flows, APIs, or session management
* Evaluating or auditing automated security tools and vulnerability scanners
* Ability to rapidly context-switch between multiple live engagements while maintaining strict attention to detail and safety protocols.
* Must be eligible to work in the US without sponsorship.
PREFERRED QUALIFICATIONS
* Prior experience working alongside Artificial Intelligence, Machine Learning models, or automated offensive security frameworks.
* Experience in security competitions, CTFs, and/or testing platforms such as Hack the Box, TryHackMe, PortSwigger Web Security Academy, etc.
* Strong technical acumen and the ability to quickly assimilate new information to make time-sensitive "human-in-the-loop" judgments.
* Ability to document and explain technical decisions clearly to internal safety and engineering teams.
#J-18808-Ljbffr