Research Scientist - CAST Propensity

Within the Cyber & Autonomous Systems Team (CAST) at AISI, the Propensity project studies unprompted or unintended model behaviour, particularly potentially dangerous behaviour: the propensity of a model to cause harm. Our current project is to study effect sizes of environmental factors on these propensities, e.g. whether models are consistently more willing to take harmful actions when their existence is threatened. We build on previous work on this field by scaling to a range of different scenarios and variations, and looking particularly for effects that are consistent throughout. 

Understanding model propensities is the key missing pillar in our overall picture of risk from autonomous AI. We already know that models have sufficient knowledge and ability to assist criminal users in conducting cyberattacks and causing significant harm. If they can also spontaneously develop the inclination to cause harm unprompted, the nature and scale of the threat is transformed. To justify a response sufficient to address this unprecedented threat, we need empirical evidence with strong scientific credibility.  

In CAST within AISI, through our relationships with the rest of the UK government and national security apparatus (and their relationships with international counterparts), we have a unique ability to understand what they need and get it in front of them. 

Example research science questions that we’ve needed to answer so far: 

• How can we clearly define when a change in one scenario is the “same” as another change in a different scenario, so we can determine whether they should be expected to have consistent, context-independent effects? 

• How can we iterate on our scenario specifications to ensure they do not have bugs and obvious misunderstandings, without jeopardising the statistical validity of the data by overfitting to a particular outcome? 

• What kinds of research questions transfer to the behaviour of future, more capable models which haven’t yet been developed? What are the propensity analogues of the clear capability trends we’ve seen in large language models over time? 

What we are looking for

The Propensity project team currently consists of one research scientist and two research engineers. We’re looking to add a second research scientist to help with challenges like those above, through discussion, written plans and designs, and writing or reviewing code that implements those designs. We expect that the strength of our answers to questions like these are likely to be a key factor in the strength of the conclusions we can draw, the claims we can back, and the accuracy of our predictions on which we rest the credibility of the work. You would add the capacity we need to give our answers the next layer of depth and sophistication. 

The ideal candidate will have the following skills: 

• A proven ability to identify and operationalise key uncertainties in a research area, and propose and improve on experimental approaches for collecting evidence on these uncertainties, 

• Knowledge of and experience in selecting and applying statistical inference methods in order to draw risk-relevant and action-guiding conclusions from experimental evidence, 

• Ability to engage critically with existing or proposed research methodology, assessing to what extent such critiques impact the central conclusions of the work, and how a proposal could be adapted to address them, 

• Strong enough Python knowledge to get hands-on with developing and iterating on our Inspect tasks (though Inspect itself can be learned on the job), 

• A sufficient understanding of transformer architecture and training dynamics to inform interpretations and predictions of their observable behaviour (how output is sampled, the loss function used for pre-training, the differences between pre-training and post-training, what inference-time compute scaling is, etc.) – hands-on experience with MLE tasks like fine-tuning or RL is not required. 

We expect these skills will be held by people with: 

• 3+ years of experience in a quantitative research discipline (e.g. as a PhD student or data scientist or researcher) involving experimental design and analysis, 

• Experience writing Python code meeting quality standards, e.g. in production environments or in collaboration with others, 

• Professional or educational (or significant hobbyist) contact with LLMs and transformer theory. 

 

What We Offer

Impact you couldn't have anywhere else

• Incredibly talented, mission-driven and supportive colleagues.
• Direct influence on how frontier AI is governed and deployed globally.
• Work with the Prime Minister’s AI Advisor and leading AI companies.
• Opportunity to shape the first & best-resourced public-interest research team focused on AI security.

Resources & access

• Pre-release access to multiple frontier models and ample compute.
• Extensive operational support so you can focus on research and ship quickly.
• Work with experts across national security, policy, AI research and adjacent sciences.

Growth & autonomy

• If you’re talented and driven, you’ll own important problems early.
• 5 days off learning and development, annual stipends for learning and development and funding for conferences and external collaborations.
• Freedom to pursue research bets without product pressure.
• Opportunities to publish and collaborate externally.

Life & family

• Modern central London office (cafes, food court, gym) or option to work in similar government offices in Birmingham, Cardiff, Darlington, Edinburgh, Salford or Bristol.
• Hybrid working, flexibility for occasional remote work abroad and stipends for work-from-home equipment.
• At least 25 days’ annual leave, 8 public holidays, extra team-wide breaks and 3 days off for volunteering.
• Generous paid parental leave (36 weeks of UK statutory leave shared between parents + 3 extra paid weeks + option for additional unpaid time).
• On top of your salary, we contribute 28.97% of your base salary to your pension.
• Discounts and benefits for cycling to work, donations and retail/gyms.

Salary

Annual salary is benchmarked to role scope and relevant experience. Most offers land between £65,000 and £145,000 (base plus technical allowance), with 28.97% employer pension and other benefits on top. 

This role sits outside of the DDaT pay framework given the scope of this role requires in depth technical expertise in frontier AI safety, robustness and advanced AI architectures. 

The full range of salaries are as follows: 

• Level 3: £65,000–£75,000 (Base £35,720 + Technical Allowance £29,280–£39,280)
• Level 4: £85,000–£95,000 (Base £42,495 + Technical Allowance £42,505–£52,505)
• Level 5: £105,000–£115,000 (Base £55,805 + Technical Allowance £49,195–£59,195)
• Level 6: £125,000–£135,000 (Base £68,770 + Technical Allowance £56,230–£66,230)
• Level 7: £145,000 (Base £68,770 + Technical Allowance £76,230) 

 

Selection process

In accordance with the Civil Service Commission rules, the following list contains all selection criteria for the interview process.  

The interview process may vary candidate to candidate, however, you should expect a typical process to include some technical proficiency tests, discussions with a cross-section of our team at AISI (including non-technical staff), conversations with your team lead. The process will culminate in a conversation with members of the senior leadership team here at AISI.   

Candidates should expect to go through some or all of the following stages once an application has been submitted:   

• Initial assessment
• Initial screening call  
• Research interview
• Technical assessment
• Take home test and interview 
• Penultimate interview   
• Final interview with members of the senior team