As a Sr. Application Security Engineer at vCluster Labs, you are the architect of trust in our diverse ecosystem. In this role, you will be responsible for the end-to-end security of our product, ensuring that vCluster remains the de facto standard for secure Kubernetes multi-tenancy. You will define the security standards that allow our customers to run high-privileged workloads without fear, building in-depth strategies that span our entire codebase and infrastructure.

As a Sr. Application Security Engineer, your role will include:

• Core Product Security: Perform deep-dive security reviews of our core Go-based applications and Kubernetes controllers, as well as the frontend user interface. With a targeted focus on avoiding privilege escalation within our multi-tenant architecture.

• Threat Modeling: Lead the threat modeling process for new features, proactively identifying risks associated with shared GPU resources and multi-cloud environments.

• Automated Security: "Shift left" by continuing to integrate security checks into our CI and developer workflows. Optimizing these checks for speed, ensuring security never becomes a bottleneck for engineering velocity. Separately, you will manage automated and manual scanning of our entire product stack.

• Vulnerability Management: Own the lifecycle of security vulnerabilities from discovery to remediation. You will triage both external and internal reports, drive the resolution of critical issues across the engineering organization, and communicate effectively across stakeholders.

• Feature Development: Everyone at the organization contributes to both the ideas and development of new features. Many of which are directly related to security topics such as container breakouts and isolation, pushing the envelope of what’s possible in constrained environments.

• Developer training: Make complex topics easier to understand for all engineers, including new attack vectors and secure coding concepts.

This role could be a fit for you if you bring:

• Experience: You have 5+ years in Application Security or Product Security, with a strong focus on containerized environments.

• Kubernetes Depth: You have a deep understanding of Kubernetes architecture, RBAC, and container runtime security. You understand the specific risks of multi-tenancy.

• Code Proficiency: You are comfortable reading and writing Go, which is the language of our core product. You can spot a vulnerability in a PR without relying solely on automated tools.

• Modern Tech Mindset: You thrive in fast-paced cutting-edge environments. You are excited to solve novel problems related to AI and multi-tenant infrastructure.

• Cognitive Flexibility: You view feedback as a learning mechanism, not a critique, and are willing to understand the unique needs and concerns of our customers.

Bonus points for:

• Certifications: CKS (Certified Kubernetes Security Specialist) or OSCP.

• AI/GPU Context: Experience securing AI workloads or GPU cloud infrastructure.

• Automation Skills: Experience writing custom security tooling or automation scripts in Python or Go.

• Documentation: A willingness to contribute to our public-facing security documentation and "Trust Center" to help our customers navigate compliance.

About vCluster Labs

We are a venture-backed tech startup striving to be the leading force in enabling platform engineers. We raised +$30M from top-tier VCs such as Khosla Ventures (first investor in OpenAI, GitLab, Stripe, Doordash) and are in a hyper-growth phase looking for motivated people to complement our team. Our headquarters are in San Francisco (Salesforce Tower), but our team is distributed around the globe and we have a remote-first work culture.

We're the company behind vCluster, an open-source technology for virtualizing Kubernetes (+10k GitHub stars). Open source is part of our DNA.

The adoption of our commercial product based on vCluster has grown extremely fast (multi-million dollar revenue) and our customer base includes some of the biggest companies in the world, including 6 Global Fortune 500 companies as well as some of the fastest-growing tech unicorns.

Benefits

We offer the following benefits:

• Competitive Salary: We offer a competitive compensation package, including equity.

• Platinum-Level Insurance: Health, dental, vision, and life Insurance, including plans for you and eligible dependents (benefits vary depending on country).

• Flexible Working Schedule: You have a doctor’s appointment or need to head to the supermarket to get groceries at 2pm? We won’t have an issue with that. To us, results matter more than clocking in and out at the same time every day.

• Workplace Flexibility:  We’re very flexible about where you work. We know things can change in life and we’re happy to adjust the work environment for you along the way.

Culture & Values

At vCluster Labs, we value and stand for:

1. Open Source, Open Mind: We are actively contributing to and maintaining open-source projects. Internally, we foster meritocracy — the strongest ideas win, no matter who or where they come from.

2. Build Tomorrow’s Standards, Intentionally: We don't just ship software; we define the state-of-the-art of tomorrow. We are fearless in tearing down old approaches to build something better, but we are disciplined in how we do it because we know our users rely on our technology to run mission-critical infrastructure platforms.

3. Create Wow: We measure success by the experience we generate, both inside and outside the company. For our customers, this means impressive speed and intuitive experiences. For our team, this means going the extra mile to support one another and to continuously drive each other to new heights.

4. Own the Outcome: We understand that our responsibility doesn't end when a task is checked off; it ends when the value is delivered. We connect our daily individual actions to the broader success of the company and our customers.