AI Security Specialist

Our Team Culture:

Transform your career with iFood! We are a leading Brazilian technology company in Latin America. Through innovative solutions, we connect thousands of restaurants with millions of consumers every day, processing an average of 100 million orders per month. In addition to food delivery, we also operate in Grocery, Pharmacy, and Pet. We also have iFood Pago, our fintech division, which includes iFood Benefits, iFood’s food and meal vouchers, and iFood Pago itself—the restaurant bank. Join us and be part of a team that’s always ahead of the curve with cutting-edge technology and constant innovation.

Your Daily Menu:

As an AI Security Specialist, you will support the AI Security team in protecting iFood’s Artificial Intelligence ecosystem, working on initiatives involving LLMs, agents, machine learning models, internal platforms, deployment pipelines, and integrations with sensitive data.

On a day-to-day basis, you will:

• Support security testing on LLM-based applications, including scenarios involving prompt injection, jailbreak, data leakage, tool abuse, and context manipulation.

• Execute test cases on internal and user-facing agents, following playbooks defined by the team.

• Contribute to the evolution of test suites using tools such as Promptfoo or equivalents.

• Support the analysis of alerts and signals generated by controls such as LLM Firewall, guardrails, Anonymizer, and AI Gateway.

• Perform functional validations and regression tests on AI Security services and controls.

• Support basic analysis of logs, metrics, and events related to LLM traffic, agents, and internal platforms.

• Help identify false positives, false negatives, and opportunities for improvement in detection rules, heuristics, and policies.

• Support security reviews of MCPs, skills, and tools used by developers or agents.

• Contribute to basic security-related testing of ML artifacts, supply chain, and quality gates in pipelines.

• Document technical findings, evidence, FAQs, guides, playbooks, and best practices in a clear, objective, and actionable manner.

• Support initiatives in education, awareness, CTFs, meetups, applied research, and the consolidation of technical references. Qualifications We Seek:- Knowledge of information security, software development, infrastructure, or related fields.

• Understanding of APIs, HTTP, authentication, authorization, logs, and basic event analysis.

• Proficiency in at least one programming language, preferably Python, Go, or JavaScript/TypeScript.

• Familiarity with Git, GitLab/GitHub, CI/CD pipelines, and code review.

• Interest in Artificial Intelligence, LLMs, agents, Machine Learning, or security applied to AI.

• Ability to read technical documentation and translate learnings into tests, checklists, or simple recommendations.

• Experience documenting tests, findings, evidence, and recommendations.

• Experience analyzing logs, permissions, prompts, configurations, and data flows.

• Technical curiosity, a desire to learn, and the ability to grow with guidance and feedback.

• Responsibility when handling sensitive data, credentials, internal environments, and security test results.

To Enhance the Experience:

• Academic experience such as undergraduate research, graduate studies, extension courses, or other programs in AI, data, or software engineering.

• Basic knowledge of OWASP Top 10, OWASP Top 10 for LLM Applications, or threat modeling concepts.

• Familiarity with prompt injection, jailbreaks, data leakage, tool abuse, or attacks against LLM applications.

• Experience with testing tools, automation, scripting, or evidence organization.

• Familiarity with concepts such as MCP, skills, agents, AI gateways, token exchange, or identity propagation.

• Interest in ML Security, model supply chains, dataset security, dependencies, or Machine Learning artifacts.

• Participation in CTFs, technical communities, research groups, meetups, or technical writing initiatives.

• Interest in applied research in AI Security, LLM Security, Agent Security, or ML Security. We are looking for someone passionate about technology security, who is always seeking new learning opportunities and who enjoys challenges. If this sounds like you, we’d love to meet you!