Senior Cloud Security Engineer

Help Build the Security Layer for the Agentic AI Era

agentic AI

runtime security and observability layer

right as the market is being created

Why Join Us

• Shape a New Category

  Build the security and observability layer for agentic AI before anyone else does.

• Frontier Tech

  Work hands-on with multi-agent AI frameworks, runtime guardrails, and real-time security analytics.

• Zero ? One Impact

  No legacy code, no bureaucracy your work defines the product and company direction.

• High Ownership

  Early-stage equity and technical leadership in a rapidly growing market.

• World-Class Team

  Founders with deep AI and cybersecurity experience who move fast and build ambitiously.

Core Responsibilities

• Design and build Skyrelis forward-proxy architecture

  across customer-site and cloud environments (Envoy-based), enabling deep visibility and secure governance of multi-agent LLM traffic.

• Implement secure TLS interception flows

  , including termination, re-encryption, certificate validation, and safe handling of modern pinning/mTLS patterns.

• Architect and operate PKI systems

  certificate issuance, rotation, trust chains, OCSP/CRL, and secure key lifecycle management.

• Develop Envoy extensions

  (filters, plugins, or WASM modules) to support telemetry capture, runtime risk scoring, and policy enforcement.

• Build secure networking paths

  for distributed agentic workloads (multi-agent, multi-tool, multi-region).

• Automate cloud security controls

  across public cloud platforms (AWS, GCP, Azure) using IaC (Terraform) and Kubernetes.

• Implement and maintain cloud security baselines

  , including IAM, detection/monitoring, CI/CD security, container security, network controls, and data protection workflows.

• Deploy and scale secure data-plane components

  using Kubernetes, Fargate/ECS, or equivalent cloud-native infrastructure.

• Collaborate with the Control Plane team

  to integrate proxy events, telemetry, and policy decisioning.

• Contribute to threat models, architecture documents, and internal security reviews

  across the platform.

What You Bring

Required Experience

• 7+ years

  in cloud security engineering, distributed systems, or platform security.
• Deep expertise in

  public cloud platforms

  (AWS strongly preferred; GCP/Azure beneficial) and their native security services.
• Strong background in

  cloud networking

  : VPC design, private link, routing, DNS, load balancing, layer 47 protocols (TCP/IP, HTTP/2, gRPC).
• Proven hands-on experience with

  Envoy Proxy

  (or Nginx/HAProxy/Squid), including extensions or custom integrations.
• Advanced understanding of

  TLS, PKI, X.509

  , certificate authorities, trust chains, and secure key storage.
• Experience with

  TLS MITM

  workflows in enterprise environments (inspection, pinning strategies, mTLS).
• Strong software development skills in

  Go and/or Python

  with a track record of shipping production systems.
• Deep experience with

  Terraform

  (module design, complex provider usage, enterprise patterns).
• Expertise in

  Kubernetes security

  , including operators, admission controllers, and platform extensions.
• Demonstrated ability to

  design and scale distributed cloud-native systems

  (multi-region, low-latency architectures).
• Proven history leading technical initiatives, setting engineering standards, and elevating organizational capability.

Nice-to-Haves

• WASM filter development in Envoy.
• Experience with LLM/agent telemetry, inference traffic patterns, or AI observability.
• Familiarity with service mesh technologies (Istio, Linkerd).
• Background in high-scale observability stacks or data-plane performance tuning.
• Experience with secure multi-region data-plane and control-plane architectures.

We're grateful to everyone who takes the time to apply. While we're unable to respond to every applicant, we'll be in touch directly with those whose experience aligns closely with the role.