Senior Software Security Engineer

We are a rapidly growing startup seeking a highly skilled, hands-on Software Security Engineer to embed security across our engineering lifecycle, with a primary focus on hardening our Kubernetes-based production platform.

This is a builder role for someone who thrives on securing real systems, not just writing policies. You will drive threat modeling, secure code reviews, and the design and implementation of security controls, actively contributing to platform defense.

You will own security end-to-end across our platform and product, including vulnerability management, security architecture reviews, and incident response. You will focus on vulnerabilities and misconfigurations across the platform, ensuring Kubernetes environments are secure, compliant, and continuously monitored. Engineering teams confidently rely on security tooling and controls the Security initiatives you will put in place will proactively improve developer velocity ("shift left") and be an enabler of product deliver - not a bottleneck, * Conduct in-depth security reviews of infrastructure using IaC practices (Terraform, Helm, GitOps)

• Implement and automate security enforcement via scripts, policies, and tooling (e.g., OPA, Kyverno, admission controllers)
• Perform architecture and design reviews with a focus on least privilege, defense-in-depth, and attack surface reduction
• Advance platform security monitoring through logging, alerting, and SIEM integrations
• Build automation (Bash, Python, Go) to scale security operations and reduce manual effort
• Apply AI/ML techniques to detect anomalous behavior, zero-day threats, and advanced attack patterns
• Leverage AI-driven tools for policy generation, risk scoring, and remediation prioritization
• Develop approaches to identify configuration drift and misconfigurations across Kubernetes and IaC environments, * Lead and evolve incident response processes; act as a primary escalation point when needed
• Conduct blameless post-mortems and ensure timely remediation of security gaps
• Own vulnerability management across platform, cloud, and application layers
• Strengthen security posture through baseline standardization and operational readiness
• Oversee secrets management, encryption strategies, and access control policies, * Champion a "Security as Code" mindset and promote shared ownership through Security Champions programs
• Balance startup speed with scalable, long-term security practices
• Partner closely with engineering teams to embed security into development workflows (DevSecOps)
• Collaborate with SRE on platform hardening, incident response, and reliability improvements
• Clearly communicate security risks and posture to technical and executive stakeholders

• 6+ years of experience in Software Security, Product Security, or DevSecOps
• 2+ years in a technical leadership or mentorship role
• Deep, hands-on expertise in Kubernetes security and cloud-native systems
• Strong experience securing Linux, containers, and cloud platforms (AWS, GCP, or Azure)
• Proven track record managing real-world security incidents in production environments
• Strong programming/scripting skills (Go, Python, Bash, or similar)
• Solid understanding of compliance frameworks (FIPS, CIS, STIG) and their practical application
• Hands-on experience with image hardening and secure system configurations
• Experience driving penetration testing programs and managing external vendors, * Experience building or scaling DevSecOps programs in a startup environment
• Familiarity with tools such as Falco, Tenable, Elastic, Trivy
• Knowledge of service meshes, network policies, and runtime security
• Strong background in threat modeling and secure system design
• Relevant certifications (CKS, CISSP, CCSP, GSEC, etc.)

• Compensation: $185,00 (Base + Bonus) + Equity, based on experience
• Benefits: Comprehensive medical, dental, and vision coverage. 100% coverage for employees, 90% for dependents
• Retirement: Access to a retirement savings plan
• Time Off: Flexible time off, including 12 paid holidays
• Perks: Catered lunches on in-office days, mobile/internet reimbursement

Spectro Cloud lets organizations around the world run AI infrastructure at scale - without losing control. A rapidly growing number of Global 5000 and government organizations across the US and EMEA are choosing Spectro Cloud to design, deploy, and manage full-stack AI and modern infrastructure across edge, data center, and cloud. Whether they are building AI factories, scaling edge inferencing, or managing multi-cloud, multi-cluster Kubernetes fleets, customers are relying on Spectro Cloud's unified orchestration plane to deliver the control, efficiency, and architectural flexibility needed to operate at scale without vendor lock-in. We're backed by top-tier investors and we're just getting started!