Glints Keuangan & Perbankan Full Time

Principal AI Engineer for Autonomous Security-Testing Agents

SMARTM2M Indonesia

Sumur Bandung IDR 16.666.667 – 22.000.000 Posted 19 hr ago
Location Sumur Bandung
Salary IDR 16.666.667 – 22.000.000
Job Type Full Time
Country Indonesia

Job Description

Full details about the role and requirements

Yukerja Summary

The Principal AI Engineer for Autonomous Security-Testing Agents role at SMARTM2M Indonesia is curated from Glints (category Keuangan & Perbankan). Note the work location (Sumur Bandung) before applying. Yukerja.com is not the employer — applications are handled on the official source site.

Role Summary

 

Lead the design, training, evaluation, and deployment of production-grade, on-premise multi-agent LLM systems for autonomous security testing. You own the full stack: self-hosted open-weight models (fine-tuned when it helps), the agent orchestration that drives them, the GPU infrastructure that serves them, and the safety and governance around them. This role is on-site in Bandung, in secure and air-gapped environments, on hardware we operate ourselves.

 We move fast. You should be able to take a rough idea and have something running the same day, then harden it once it proves out. The stack, the models, and the threats all change quickly, and we expect you to adapt with them rather than wait for a finished spec.

 

Key Responsibilities

 

  • Lead LLM development end to end for security-testing tasks: dataset curation,SFT/LoRA/QLoRA, DPO/RLHF, and large-scale automated evaluation against held-out benchmarks that measure genuine capability, not memorized answers.
  • Design and own multi-agent orchestration: goal decomposition, tool use via  function calling, structured outputs, verifier-gated outputs, fallbacks, retries, and recovery when a long-running task stalls or corrupts state.
  • Build and harden the agent's tool layer: integrate security tooling behind a stable, well-typed interface, and manage the retrieval layer that grounds     the agent's decisions.
  • Run the red-team and safety harness: simulate and execute authorized adversarial techniques (injection, traversal, prompt injection, data exfiltration) against in-scope targets, and build the guards, intensity controls, and policy gates that keep runs scoped, auditable, and safe.
  • Conduct adversarial and robustness testing for NLP/CV models: distribution shift, perturbations, poisoning risk, and the mitigations for them.
  • Own performance and cost on self-operated hardware: quantization (GGUF, GPTQ, AWQ, FP8, int4), tensor parallelism, KV-cache management, chunked prefill, batching, speculative decoding, and GPU utilization.
  • Operate the GPU fleet: deploy, swap, and version models across multiple GPU classes and multi-node setups, handling parallelism, NCCL, memory limits, and secure network routing for air-gapped sites.
  • Architect retrieval and grounding: vector stores, chunking, embeddings, hybrid  search, re-ranking, and retrieval-quality evaluation.
  • Develop production APIs and services (FastAPI, gRPC, WebSocket) with observability, live run tracing, canarying, and human-in-the-loop review. Monitor quality and safety drift, and handle incidents.
  • Keep work reproducible and governed: experiment tracking, model registry, artifact stores, versioned configs, run-log retention, and clean benchmark  hygiene with no train/eval contamination.
  • Deploy and operate on-prem (VMs, Docker, Kubernetes) with versioning,rollback, autoscaling, and secure upgrade paths for air-gapped, regulatedsites.
  • Collaborate and mentor: scope experiments with the team, write design docs,  threat models, and runbooks, drive code reviews, and grow junior engineers.

 

 Requirements

 

  • Bachelor's or Master's in CS, AI, or a related field, or equivalent  experience.
  • 5+ years in applied ML/AI and 10+ years in software engineering.
  • Strong Python and hands-on PyTorch (and/or TensorFlow).
  • LLM fine-tuning experience: SFT, LoRA/QLoRA, DPO or RLHF, plus dataset prep,  synthetic data generation, and large-scale evaluation.
  • Self-hosted inference experience with at least one open-weight family (Llama,Qwen, Mistral, Gemma) on vLLM, SGLang, TGI, or llama.cpp, including quantization and tensor parallelism.
  • Multi-agent design and tool-use orchestration: function calling, tool integration, structured outputs, error handling, retries, and verifier/guard patterns.
  • RAG pipelines with a vector store (pgvector, Milvus, Weaviate), plus embedding selection and retrieval-quality evaluation.
  • MLOps: Docker, Kubernetes, Git, CI/CD, experiment tracking, model registry, and data/version management.
  • Production monitoring and observability: logging, tracing, metrics, safety evaluation, SLOs, and alerting.
  • Security and safety practice: prompt-injection defenses, PII handling, RBAC, secrets management, and audit logging, with comfort in regulated or air-gapped environments.
  • A bias toward shipping: you prototype quickly, iterate in a fast-changing environment, and harden what works without waiting for perfect requirements.
  • Willing to work on-site in Bandung.

Strongly Preferred

 

  • Offensive-security, penetration-testing, or CTF experience: you've solved, or built systems that solve, real exploitation tasks. Adversarial ML and robustness background a plus.
  • Secure model deployment in government or critical-infrastructure contexts.
  • Deep transformer, tokenization, and quantization internals.
  • GPU systems expertise: CUDA, NCCL, MIG, multi-node deployment, and performance  profiling, including current-generation accelerators.
  • Hugging Face ecosystem and optimized-inference toolchains.

Disclaimer: Yukerja.com is a job aggregator, not an employer. This listing is aggregated from Glints. Applications are processed on the official company or source site. We are not responsible for listing accuracy.

Tips for Applying to Principal AI Engineer for Autonomous Security-Testing Agents

  1. Read the full description and ensure your skills match before applying to SMARTM2M Indonesia.
  2. Tailor your CV and cover letter to keywords in the job description — especially for Keuangan & Perbankan roles.
  3. Click Apply Now to go to Glints. The hiring process is entirely on the source site.
  4. Prepare an updated portfolio or LinkedIn profile if required during screening.
  5. Beware of payment requests — legitimate jobs do not charge application fees.

Related articles: CV ATS · Career Blog & Tips