[Hiring] Founding Security Engineer / Head of Security @uRun

Role Description

You'll be uRun's first dedicated security hire. This is a founding role: you'll own security end-to-end as a hands-on engineer, and as the company and team grow, you'll have the opportunity to build out and lead the function.

The problem you're here to solve: build a security foundation worthy of the infrastructure we run. That means:

• Hardening a distributed AWS and Kubernetes stack running stateful inference at scale
• Standing up the compliance program that unlocks enterprise deals
• Embedding security into engineering without becoming a blocker

You'll join as we move from stealth to scale, begin enterprise partnerships, and approach our Series A — the point where this work has the most leverage.

Qualifications

• 6+ years in security engineering, including time as a founding or sole security hire, or otherwise owning security with minimal support
• Proven track record delivering SOC 2 end-to-end as program owner — not just as a contributor
• Deep AWS experience: IAM, KMS, GuardDuty, CloudTrail, EKS, and Kubernetes security
• Hands-on with compliance automation tooling: Vanta, Drata, or equivalent
• Comfortable embedding security into CI/CD: SAST, DAST, secrets scanning, dependency management
• Strong incident response background: you've handled real incidents and built playbooks from scratch
• A clear communicator who can represent security to technical and non-technical stakeholders, including customers
• Able to work PST hours and thrive in a fast-moving, ambiguous environment

Requirements

• Own SOC 2 Type II end-to-end: scoping, control design, evidence collection, and audit
• Drive ISO 27001 and additional frameworks as we scale into enterprise partnerships
• Stand up and manage compliance automation tooling (Vanta, Drata, or equivalent)
• Respond to vendor security questionnaires and represent uRun's security posture on customer calls
• Build and maintain security policies, procedures, and documentation
• Harden our AWS environment: IAM, KMS, secrets management, GuardDuty, CloudTrail, VPC
• Secure our Kubernetes and EKS stack: container security, RBAC, network policies, runtime controls
• Embed security into CI/CD pipelines: SAST, dependency scanning, secrets scanning
• Build detection and response capabilities: alerting, playbooks, and incident response processes
• Drive vulnerability management end-to-end, from detection through remediation and reporting
• Work directly with engineering to resolve security blockers and unblock partnership deals
• Manage external auditor relationships and coordinate security reviews
• Report on security posture and risk to leadership

Benefits

• Competitive salary and meaningful equity in an early-stage AI infrastructure company
• Health, dental, and vision — full coverage
• 401(k) — company-supported retirement savings
• FSA/HSA — flexible spending accounts for healthcare costs
• Paid time off — we trust you to manage your time
• Top-tier tooling — access to the best AI tools available: Claude, Codex, Kimi, and whatever else helps you move faster
• MacBook Pro and AirPods — the hardware you need, on us

How we work (and what that feels like day-to-day)

We build the stage, not the show. We're an infrastructure company, a developer-tools company, and a production partner for model labs, and focus is a deliberate choice we've made and hold to.

Day-to-day, that means a small team, a high bar, and real ownership. You won't wait for permission or inherit a backlog of someone else's decisions; in a founding security role, the function is what you make it.

It also means ambiguity: priorities shift, not everything is documented, and you'll often be the person who decides what "secure enough, for now" means. That suits some people and not others, and we'd rather you know that before you apply.