In this role, you will be the architect of our "security brain." You will write the low-level code that observes what is happening (eBPF/Golang) and build the AI models that understand, diagnose, and prevent issues (LLMs/Python).
Key Responsibilities
1. The "Eyes": eBPF Development & Systems Engineering
Lead the Cimon Agent: Spearhead the active development of our high-performance eBPF agent "Cimon" using Golang and C.
Kernel-Level Innovation: Design and implement eBPF programs for deep observability, runtime security, and container monitoring.
Performance Obsession: Write beautiful, highly efficient code that runs in the Linux kernel with minimal overhead.
Community Leadership: Actively participate in the eBPF and open-source communities, contributing code and presenting technical deep dives at conferences.
2. The "Brain": AI Innovation & Security Research
AI-Driven Security Solutions: Architect and prototype models for:
Automated Exploitability: Checking SAST/SCA findings for validity.
AI Remediation: Automatically fixing Dockerfile misconfigurations and generating patches.
Model Detection: Identifying AI models embedded within codebases.
Benchmarking & Rigor: Design evaluation frameworks to measure model accuracy, false positives, and robustness in security contexts.
Prompt Engineering: Shape prompt strategies and workflows to translate real-world security challenges into actionable AI logic.
3. The Intersection: Collaboration & Evangelism
Cross-Functional Leadership: Serve as the technical link between the AI development team and the core security engineering team.
Thought Leadership: Author whitepapers, technical blogs, and deliver talks on the cutting edge of "AI for Systems Security."
Mentorship: Guide engineers on best practices for both low-level systems design and AI integration.
Why This Role?
No Context Switching Cost: You won't just be researching; you will be building the tools you research. You control the data collection (eBPF) and the analysis (AI).
Deep Tech Focus: This isn't a wrapper-API role. You will be dealing with kernel bypasses, memory safety, and LLM hallucinations all in the same week.
Impact: Your work will directly power the next generation of automated security remediation.
Requirements: The Core Stack:
Systems: 3+ years of experience with Golang and Linux Kernel development (eBPF or Kernel modules).
AI/ML: Hands-on experience with LLMs, prompt engineering, and Python-based data analysis.
Security: Deep understanding of SAST/SCA tools (e.g., SonarQube, Bearer, Snyk) and Container Security (Docker, K8s, Trivy).
Technical Qualifications:
Strong knowledge of Linux systems design, networking, and OS internals.
Proficiency in Python (for AI research) and Go/C (for Agent development).
Experience in analyzing container build pipelines and identifying vulnerability origins.
Ability to distill complex topics (both kernel-level and AI-level) for diverse audiences.
Bonus Points:
Experience with Rego/Open Policy Agent (OPA).
Publications or presentations at venues like KubeCon, Black Hat, or AI conferences.
Experience with Cloud Security (AWS/Azure/GCP) and Infrastructure-as-Code scanning.
Experience fine-tuning models for specific code-generation or security tasks.
This position is open to all candidates.