Recommended expert

Maryam Mouzarani

AI Red Team Engineer

Maryam Mouzarani
Hamburg, Germany

Experience

Aug 2025 - Present
6 months

AI Red Team Engineer

Applause

  • Performed security assessments and penetration testing on Microsoft AI models for text, image, and video generation.
  • Conducted prompt injection attacks through diverse input vectors, including crafted text, steganographic images, and manipulated visual elements (e.g., varying opacity and embedded content).
May 2025 - Present
9 months

Member, AI Red Teaming Contributor

OWASP AI Exchange

  • Contribute to AI Red Teaming initiatives, researching and testing threats such as prompt injection, data poisoning, and model manipulation in AI and data-centric systems.
  • Support development of global AI security and privacy standards, including the EU AI Act, ISO/IEC 27090 (AI Security), and ISO/IEC 27091 (AI Privacy), helping shape controls for safer, more trustworthy AI.
Jan 2025 - Present
1 year 1 month

Red Team Prompt Injection Specialist

Freelancer

  • Conducted targeted prompt injection attacks (direct and indirect) against the frontier large language model that generates text, images, and videos or controls a system with available APIs to test its robustness against adversarial inputs.
  • Utilized a variety of tools, techniques, and open-source resources to craft and execute attacks simulating real-world misuse scenarios.
  • Documented findings related to prompt leakage, unintended behaviors, and model safety vulnerabilities.
  • Contributed to model safety evaluations by reporting edge-case failure modes and proposing mitigation strategies.
  • Operated under strict ethical guidelines to ensure responsible AI red teaming practices.
Dec 2024 - Apr 2025
5 months

LLM Security Penetration Tester

Mindrift

  • Performed security assessments and penetration testing for LLM-based applications with a focus on OWASP Top 10 for LLMs.
  • Conducted prompt injection, data leakage, and model manipulation tests on Anthropic Claude agents, creating various attack vectors and recommendations for strengthening the agents against successful attacks.
Sep 2023 - Dec 2023
4 months
Hamburg, Germany

Software Security Engineer

Code Intelligence

  • Conducted penetration testing for automotive clients, focusing on native applications and infrastructure vulnerabilities.
  • Delivered presentations on fuzz testing and assisted clients in utilizing fuzzing tools to analyze and secure their code.
  • Provided technical support and guidance for improving tool utilization and resolving identified security flaws.
Aug 2018 - Mar 2023
4 years 8 months
Isfahan, Iran, Islamic Republic of

Assistant Professor

Isfahan University of Technology

  • Taught courses in software security and led research projects focusing on vulnerability detection and secure coding practices.
  • Organized student job fairs and industrial cooperation festivals to foster partnerships and facilitate knowledge exchange in cybersecurity.
Jun 2016 - Mar 2017
10 months
Tehran, Iran, Islamic Republic of

Software Security Consultant

Ansar Bank

  • Conducted security audits and penetration tests on Java applications and internal infrastructure.
  • Worked with development teams to integrate security measures into the software development lifecycle, ensuring secure coding practices were followed.
  • Provided actionable recommendations for mitigating security vulnerabilities and enhancing application security.
Sep 2015 - Mar 2018
2 years 7 months

Smart Fuzzing and Vulnerability Detection

Freelancer

  • Designed and implemented a smart fuzzing algorithm to detect vulnerabilities in binary C/C++ code, including stack/heap overflows and buffer overflows.
  • Utilized tools like Valgrind and Angr to enhance vulnerability detection accuracy.
Sep 2014 - Mar 2018
3 years 7 months
Tehran, Iran, Islamic Republic of

Researcher and Developer

APA Research Center

  • Led a team in penetration testing for web applications and Android apps, identifying security flaws and proposing solutions.
  • Developed security analysis guidelines for various platforms, enhancing the vulnerability detection process.
  • Provided consultation to MSc students on cybersecurity research and penetration testing methodologies.
  • Presented secure coding workshops for students and developers.
Jun 2011 - Aug 2012
1 year 3 months
Isfahan, Iran, Islamic Republic of

Software Developer

PayamPardaz

  • Developed a correlation engine for SIEM solutions, using Python and C++ to detect and respond to security incidents.
  • Implemented automated security event correlation and generated actionable alerts for security teams.

Penetration Testing for Web Applications

Freelancer

  • Conducted penetration testing on various web applications and internal systems for small businesses.
  • Developed detailed security reports, identified vulnerabilities, and recommended countermeasures to mitigate risks.

Summary

Experienced Cyber Security Engineer specializing in application security with over 10 years of expertise in penetration testing, security audits, and secure coding practices. Proficient in identifying vulnerabilities in web and mobile applications and applying security best practices in the development lifecycle.

Recently transitioned into Large Language Model (LLM) engineering, with hands-on experience in building multi-agent LLM applications, Retrieval-Augmented Generation (RAG) pipelines, and fine-tuning models for domain-specific tasks. Proficient in LLM security testing and mitigation of OWASP Top 10 LLM-specific vulnerabilities. Skilled in threat modeling, secure coding, and integrating AI security best practices. Adept at collaborating with engineering teams to ensure both traditional and AI-driven applications are secure from design to deployment.

Skills

  • Llm Engineering: Multi-agent Llm Systems, Langchain, Retrieval-augmented Generation (Rag), Fine-tuning (Lora, Qlora), Prompt Engineering
  • Llm Security: Owasp Top 10 For Llms, Llm Threat Modeling, Red Teaming For Ai Systems, Prompt Injection, Supply Chain Risks, Moderation Frameworks (Openai, Llama Guard, Aws Bedrock Guardrails), Secure Deployment Practices Across Cloud, Hybrid, And Local Environments, Knowledge Poisoning Defenses, Pickle Model Scanning, Ci/cd Integration (Mlops/mlsecops), Risk Management Frameworks (Mitre Atlas, Threat Modeling)
  • Application Security: Penetration Testing, Vulnerability Assessments, Security Audits, Threat Modeling, Security Architecture
  • Penetration Testing: Web Applications, Mobile Applications, Embedded Systems, Static & Dynamic Analysis
  • Languages: Php, Python, C/c++, Html5, Css3
  • Tools: Langchain, Openai Api, Hugging Face Transformers, Burp Suite, Owasp Zap, Valgrind, Nmap, Nessus, Wireshark, Metasploit, Angr, Gdb
  • Security Standards: Secure Software Development Lifecycle, Owasp Top 10, Iso 27001
  • Code Review & Debugging: Code Reviews, Debugging Php-based Applications, Ci/cd (Gitlab)
  • Version Control: Git, Github, Gitlab
  • Agile Methodology: Scrum, Agile Development

Languages

Persian
Native
English
Advanced
German
Intermediate

Education

Mar 2011 - Mar 2017

Amirkabir University of Technology

Ph.D. · Software Engineering · Tehran, Iran, Islamic Republic of

Sep 2008 - Sep 2011

Amirkabir University of Technology

M.Sc. · Information Security · Tehran, Iran, Islamic Republic of

Sep 2004 - Sep 2008

Esfahan University of Technology

B.Sc. · Computer Engineering · Isfahan, Iran, Islamic Republic of

Certifications & licenses

MCSE 2003

OWASP AI Security Training

SANS GenAI & LLM Application Security Training

Need a freelancer? Find your match in seconds.
Try FRATCH GPT
More actions

Similar Freelancers

Discover other experts with similar qualifications and experience

Seyed farhad Miri
Seyed farhad Miri

Senior Product Security Engineer

View Profile
Erlijn Van genuchten
Erlijn Van genuchten

Science communicator and change manager

View Profile
Ilayda Dede
Ilayda Dede

Cybersecurity & Ethical Hacking Program

View Profile
Niels Aerts
Niels Aerts

Azure Architect

View Profile
Valeri Milke
Valeri Milke

Associate Partner - Information Security Consulting

View Profile
Henryk Orantek
Henryk Orantek

Security Consultant

View Profile
Markus Willems
Markus Willems

KRITIS Consultant

View Profile
Mevlüt Yıldırım
Mevlüt Yıldırım

Project

View Profile
Ali Yazdani
Ali Yazdani

Principal Product Security Engineer

View Profile
Nils Klawitter
Nils Klawitter

Vulnerability Management and Secure SDLC

View Profile
Alexander Nagy
Alexander Nagy

Security Expert

View Profile
Arne Hendricks
Arne Hendricks

Embedded Fullstack Developer

View Profile
Martin Wilhelmi
Martin Wilhelmi

Security Auditor

View Profile
Stanislaus Stelle
Stanislaus Stelle

Security Consultant at Rohde & Schwarz AG

View Profile
Kevin Engelhardt
Kevin Engelhardt

CISO as a Service

View Profile
Amit Vitekar
Amit Vitekar

Security Consultant (Ethical Hacker)

View Profile
Pierre Gronau
Pierre Gronau

Ansible Automation, Windows Third Level Support

View Profile
Benjamin Wheatland
Benjamin Wheatland

Senior Software Engineer

View Profile
Alexander Sänn
Alexander Sänn

Owner and Managing Director

View Profile
Marijn Scholtens
Marijn Scholtens

Senior Software Engineer

View Profile
Monika Müller
Monika Müller

Cybersecurity Engineer

View Profile
Sebastian Lingenfelter
Sebastian Lingenfelter

LLM Evaluation Response Specialist

View Profile
Christian Gebhardt
Christian Gebhardt

Deputy Chief Information Security Officer

View Profile
Natasha Alkhatib
Natasha Alkhatib

Cybersecurity Leader

View Profile
Jürgen Fey
Jürgen Fey

AR/VR/XR Architect

View Profile
Eric Yuan
Eric Yuan

Senior Software Engineer

View Profile
Ronald Foerster
Ronald Foerster

IT Consultant & Professional Training

View Profile
Valon Jashari
Valon Jashari

Master's degree in Telecommunications

View Profile
Hüseyin Korkut
Hüseyin Korkut

Senior Full-Stack Engineer

View Profile
Hendrik Belitz
Hendrik Belitz

Lecturer

View Profile