About AktoAkto is an enterprise-grade Agentic AI Security platform used by global organizations to discover APIs, continuously test them, and secure AI agents, MCPs, and GenAI applications. Our customers use Akto not for point-in-time reports, but for ongoing security outcomes across APIs and AI systems.This role is critical to ensuring customers successfully adopt Akto for real-world API security testing and AI red teaming.Role OverviewWe are looking for a hands-on security engineer with a strong pentesting background who wants to move beyond traditional, report-driven penetration testing.As a Security Engineer – Customer Success, you will own the security testing journey for Akto customers. You will work directly with customer AppSec, DevSecOps, and Platform teams to run API security testing and AI red teaming using Akto, validate findings, explain impact, and help customers improve their security posture over time.This is a technical, customer-facing role with real ownership of outcomes.Key ResponsibilitiesCustomer Security OwnershipOwn assigned customer accounts from a security testing and adoption perspectiveAct as the primary security expert for customers using Akto for API security and AI red teamingEnsure customers are actively discovering APIs, running tests, and addressing real vulnerabilitiesAPI Security TestingPerform hands-on API security testing using Akto:API discovery (including shadow and undocumented APIs)Automated and guided API testingValidation of findings such as IDORs, auth issues, business logic flaws, SSRF, and data exposureGo beyond tool output to:Verify findingsExplain impactRecommend practical remediation stepsAI Red Teaming & Agent SecurityRun AI red teaming exercises using Akto for:AI agentsMCPsGenAI applications and LLM-powered workflowsUnderstand and test for AI-specific threats such as:Prompt injectionData leakage and exfiltrationTool misuse and privilege escalation via agentsTranslate AI security risks into actionable insights for customersCustomer Collaboration & EnablementWork closely with customer security and engineering teams to:Explain findings clearlyPrioritize risksImprove secure development practicesJoin customer calls to walk through results, answer technical questions, and guide next stepsAdoption & Product FeedbackProactively identify gaps in product usage or adoptionRecommend better configurations, additional tests, or expanded use casesProvide structured feedback to Product and Engineering teams based on real customer usageRequired Qualifications3+ years of hands-on experience in penetration testing, application security, or API securityStrong understanding of:API security concepts (REST, auth mechanisms, tokens, roles, rate limits)Common web and API vulnerabilitiesBusiness logic and authorization flawsExperience testing APIs using tools such as Postman, Burp, or similarAbility to validate vulnerabilities and explain risk clearlyComfortable working directly with customers in a technical rolePreferred QualificationsExperience with API-first security tools or platformsExposure to AI / LLM security, red teaming, or agent-based systemsFamiliarity with OpenAPI / Swagger specificationsExperience working in a customer-facing or consulting roleStrong written and verbal communication skillsWhat Makes This Role DifferentYou will own security outcomes, not just generate reportsYou will work on continuous API security and AI red teaming, not point-in-time testsYou will influence:Customer adoptionProduct directionLong-term customer successYou will be at the forefront of API and Agentic AI Security, an emerging and high-impact spaceWho Will Succeed in This RoleA pentester who wants to see vulnerabilities actually fixedA security engineer who enjoys working with real production systemsSomeone curious about AI security and excited to learn fastA practitioner who values clarity, impact, and ownership
