Go to Website
  • en
  • de

Maryam M.

AI Red Team Engineer

Hamburg, Germany

Experience

Aug 2025 - Present
3 months

AI Red Team Engineer

Applause

  • Performed security assessments and penetration testing on Microsoft AI models for text, image, and video generation.
  • Conducted prompt injection attacks through diverse input vectors, including crafted text, steganographic images, and manipulated visual elements (e.g., varying opacity and embedded content).
May 2025 - Present
6 months

Member, AI Red Teaming Contributor

OWASP AI Exchange

  • Contribute to AI red teaming initiatives, researching and testing threats such as prompt injection, data poisoning, and model manipulation in AI and data-centric systems.
  • Support development of global AI security and privacy standards, including the EU AI Act, ISO/IEC 27090 (AI Security), and ISO/IEC 27091 (AI Privacy), helping shape controls for safer, more trustworthy AI.
Jan 2025 - Present
10 months

Red Team Prompt Injection Specialist

Freelancer

  • Conducted targeted prompt injection attacks (direct and indirect) against the frontier large language model that generates text, images and videos or controls a system with available APIs to test its robustness against adversarial inputs.
  • Utilized a variety of tools, techniques, and open-source resources to craft and execute attacks simulating real-world misuse scenarios.
  • Documented findings related to prompt leakage, unintended behaviors, and model safety vulnerabilities.
  • Contributed to model safety evaluations by reporting edge-case failure modes and proposing mitigation strategies.
  • Operated under strict ethical guidelines to ensure responsible AI red teaming practices.
Dec 2024 - Apr 2025
5 months

LLM Security Penetration Tester

Mindrift

  • Performed security assessments and penetration testing for LLM-based applications with a focus on OWASP Top 10 for LLMs.
  • Conducted prompt injection, data leakage, and model manipulation tests on Anthropic Claude agents, creating various attack vectors and recommendations for strengthening the agents against successful attacks.
Sep 2023 - Dec 2023
4 months
Bonn, Germany

Software Security Engineer

Code Intelligence

  • Conducted penetration testing for automotive clients, focusing on native applications and infrastructure vulnerabilities.
  • Delivered presentations on fuzz testing and assisted clients in utilizing fuzzing tools to analyze and secure their code.
  • Provided technical support and guidance for improving tool utilization and resolving identified security flaws.
Aug 2018 - Mar 2023
4 years 8 months
Isfahan, Iran, Islamic Republic of

Assistant Professor

Isfahan University of Technology

  • Taught courses in software security and led research projects focusing on vulnerability detection and secure coding practices.
  • Organized student job fairs and industrial cooperation festivals to foster partnerships and facilitate knowledge exchange in cybersecurity.
Jun 2016 - Mar 2017
10 months
Tehran, Iran, Islamic Republic of

Software Security Consultant

Ansar Bank

  • Conducted security audits and penetration tests on Java applications and internal infrastructure.
  • Worked with development teams to integrate security measures into the software development lifecycle, ensuring secure coding practices were followed.
  • Provided actionable recommendations for mitigating security vulnerabilities and enhancing application security.
Sep 2015 - Mar 2018
2 years 7 months

Smart Fuzzing and Vulnerability Detection

  • Designed and implemented a smart fuzzing algorithm to detect vulnerabilities in binary C/C++ code, including stack/heap overflows and buffer overflows.
  • Utilized tools like Valgrind and Angr to enhance vulnerability detection accuracy.
Sep 2014 - Mar 2018
3 years 7 months
Tehran, Iran, Islamic Republic of

Researcher and Developer

APA Research Center

  • Led a team in penetration testing for web applications and Android apps, identifying security flaws and proposing solutions.
  • Developed security analysis guidelines for various platforms, enhancing the vulnerability detection process.
  • Provided consultation to MSc students on cybersecurity research and penetration testing methodologies.
  • Presented secure coding workshops for students and developers.
Jun 2011 - Aug 2012
1 year 3 months
Isfahan, Iran, Islamic Republic of

Software Developer

PayamPardaz

  • Developed a correlation engine for SIEM solutions, using Python and C++ to detect and respond to security incidents.
  • Implemented automated security event correlation and generated actionable alerts for security teams.

Penetration Testing for Web Applications

  • Conducted penetration testing on various web applications and internal systems for small businesses.
  • Developed detailed security reports, identified vulnerabilities, and recommended countermeasures to mitigate risks.

Summary

Experienced Cyber Security Engineer specializing in application security with over 10 years of expertise in penetration testing, security audits, and secure coding practices. Proficient in identifying vulnerabilities in web and mobile applications and applying security best practices in the development lifecycle.

Recently transitioned into Large Language Model (LLM) engineering, with hands-on experience in building multi-agent LLM applications, Retrieval-Augmented Generation (RAG) pipelines, and fine-tuning models for domain-specific tasks. Proficient in LLM security testing and mitigation of OWASP Top 10 LLM-specific vulnerabilities. Skilled in threat modeling, secure coding, and integrating AI security best practices. Adept at collaborating with engineering teams to ensure both traditional and AI-driven applications are secure from design to deployment.

Languages

Persian
Native
English
Advanced
German
Intermediate

Education

Mar 2011 - Mar 2017

Amirkabir University of Technology

Ph.D. · Software Engineering · Tehran, Iran, Islamic Republic of

Sep 2008 - Sep 2011

Amirkabir University of Technology

M.Sc. · Information Security · Tehran, Iran, Islamic Republic of

Sep 2004 - Sep 2008

Esfahan University of Technology

B.Sc. · Computer Engineering · Isfahan, Iran, Islamic Republic of

Certifications & licenses

MCSE 2003

OWASP AI Security Training

SANS GenAI & LLM Application Security Training

Need a freelancer? Find your match in seconds.
Try FRATCH GPT
More actions

Similar Freelancers

Discover other experts with similar qualifications and experience

Seyed M.

Senior Product Security Engineer

View Profile
Valeri M.

DORA Readiness – Gap Analysis and Implementation for Banks

View Profile
Ali Y.

Principal Product Security Engineer

View Profile
Valon J.

Cybersecurity and Data Scientist Engineer

View Profile
Nils K.

Vulnerability Management and Secure SDLC

View Profile
Henryk O.

Security Consultant

View Profile
Natasha A.

Cybersecurity Leader

View Profile
Alexander N.

Security Expert

View Profile
Stanislaus S.

Security Consultant

View Profile
Guido S.

Business Analyst/Requirements Engineer

View Profile
Kevin E.

Lecturer on AI in Cybersecurity

View Profile
Matthias S.

Senior Consultant Security (freelance)

View Profile
Sascha L.

CEO

View Profile
Markus W.

IT security consultant

View Profile
Martin W.

Security Auditor

View Profile
fratch Part of Bitkom logo
linkedIncrunchbaseyoutube
  • English
  • Deutsch

2025 © FRATCH.IO GmbH. All rights reserved.