Job Description
Help Build the Security Layer for the Agentic AI Era
We’re building at the frontier of two unstoppable waves:
agentic AI
and
security . Autonomous AI agents are exploding in capability — planning, executing, and learning in real time — but enterprise security hasn’t caught up. That’s where we come in.
At Skyrelis, we’re creating the
runtime security and observability layer
for next-gen agentic systems, giving enterprises the
trust, visibility, and control
they need without slowing innovation. This is your chance to be part of a
founding engineering team
shaping a completely new category —
agentic security
— at the moment it matters most.
If you’ve ever wanted to join a startup
right as the market is being created , work hands-on with
cutting-edge AI frameworks , and help define the
best practices and tools
for securing autonomous systems at scale, this is it.
Why Join Us
Shape a New Category
– Build the security and observability layer for agentic AI before anyone else does.
Frontier Tech
– Work hands-on with multi-agent AI frameworks, runtime guardrails, and real-time security analytics.
Zero → One Impact
– No legacy code, no bureaucracy — your work defines the product and company direction.
High Ownership
– Early-stage equity and technical leadership in a rapidly growing market.
World-Class Team
– Founders with deep AI and cybersecurity experience who move fast and build ambitiously.
Core Responsibilities
Design and build Skyrelis’ forward-proxy architecture
across customer-site and cloud environments (Envoy-based), enabling deep visibility and secure governance of multi-agent LLM traffic.
Implement secure TLS interception flows , including termination, re-encryption, certificate validation, and safe handling of modern pinning/mTLS patterns.
Architect and operate PKI systems —certificate issuance, rotation, trust chains, OCSP/CRL, and secure key lifecycle management.
Develop Envoy extensions
(filters, plugins, or WASM modules) to support telemetry capture, runtime risk scoring, and policy enforcement.
Build secure networking paths
for distributed agentic workloads (multi-agent, multi-tool, multi-region).
Automate cloud security controls
across public cloud platforms (AWS, GCP, Azure) using IaC (Terraform) and Kubernetes.
Implement and maintain cloud security baselines , including IAM, detection/monitoring, CI/CD security, container security, network controls, and data protection workflows.
Deploy and scale secure data-plane components
using Kubernetes, Fargate/ECS, or equivalent cloud-native infrastructure.
Collaborate with the Control Plane team
to integrate proxy events, telemetry, and policy decisioning.
Contribute to threat models, architecture documents, and internal security reviews
across the platform.
What You Bring
Required Experience
7+ years
in cloud security engineering, distributed systems, or platform security.
Deep expertise in
public cloud platforms
(AWS strongly preferred; GCP/Azure beneficial) and their native security services.
Strong background in
cloud networking : VPC design, private link, routing, DNS, load balancing, layer 4–7 protocols (TCP/IP, HTTP/2, gRPC).
Proven hands-on experience with
Envoy Proxy
(or Nginx/HAProxy/Squid), including extensions or custom integrations.
Advanced understanding of
TLS, PKI, X.509 , certificate authorities, trust chains, and secure key storage.
Experience with
TLS MITM
workflows in enterprise environments (inspection, pinning strategies, mTLS).
Strong software development skills in
Go and/or Python
with a track record of shipping production systems.
Deep experience with
Terraform
(module design, complex provider usage, enterprise patterns).
Expertise in
Kubernetes security , including operators, admission controllers, and platform extensions.
Demonstrated ability to
design and scale distributed cloud-native systems
(multi-region, low-latency architectures).
Proven history leading technical initiatives, setting engineering standards, and elevating organizational capability.
Nice-to-Haves
WASM filter development in Envoy.
Experience with LLM/agent telemetry, inference traffic patterns, or AI observability.
Familiarity with service mesh technologies (Istio, Linkerd).
Background in high-scale observability stacks or data-plane performance tuning.
Experience with secure multi-region data-plane and control-plane architectures.
We’re grateful to everyone who takes the time to apply. While we’re unable to respond to every applicant, we’ll be in touch directly with those whose experience aligns closely with the role.
