We are a nonprofit working on AI x Cybersecurity risks and hiring researchers to work on two agendas (see video for more details):

• AI ATT&CK: automate any particular part of the cyber kill chain and release results responsibly to close the capability gap and help preparedness for future AI hacking tools.
• Economic modelling: ground down AI improvements as measured by hacking benchmarks into expected increase of losses from cyber attacks in a given economy sector.

Our theory of change is to directly influence US AI policy, as opposed to working on AI theory. Your work as a Research Engineer could look like this:

1. Come up with a promising experiment in one of the two agendas. E.g.: I think GPT-4 could do binary exploitation to the level of OCSP/CREA. Concretely, I think it could hack all of crackmes.one level 3 challenges.
2. Develop the experiment end-to-end, coming up with its design (how to measure the thing?) and requisite harness (Python code) and collecting data.
3. Write your results up for publication on arXiv, as a landing page, or as a report for policymakers.

Our work process looks like this:

• We post daily statuses for each other to keep in sync re our directions.
• We propose new ideas or directions by writing up a doc, sharing it, and getting comments.
• Our median response time to each other is in hours, not minutes: we work in a somewhat independent and self-directed fashion.

Here are the key skills one needs to succeed in this role:

• Excellent Python proficiency: it's important for coding to not get into your way while doing research.
• Understanding of the cyber landscape.
• Being good at writing.
• Flexibility in attacking the problem from different directions.
• Habit of only spending time on important things.
• For box of hacks: familiarity with systems programming. You'll need it to write advanced harnesses.
• For economic modelling: familiarity with standard economic techniques and statistical inference.

Compensation is 1200-5000$/mo depending on hours and fit.