Spectro Cloud lets organizations around the world run AI infrastructure at scale - without losing control. A rapidly growing number of Global 5000 and government organizations across the US and EMEA are choosing Spectro Cloud to design, deploy, and manage full-stack AI and modern infrastructure across edge, data center, and cloud.

Whether they are building AI factories, scaling edge inferencing, or managing multi-cloud, multi-cluster Kubernetes fleets, customers are relying on Spectro Cloud’s unified orchestration plane to deliver the control, efficiency, and architectural flexibility needed to operate at scale without vendor lock-in. We're backed by top-tier investors and we're just getting started!

About the Team

We are a rapidly growing startup seeking a highly skilled, hands-on Software Security Engineer to embed security across our engineering lifecycle, with a primary focus on hardening our Kubernetes-based production platform.

This is a builder role for someone who thrives on securing real systems, not just writing policies. You will drive threat modeling, secure code reviews, and the design and implementation of security controls, actively contributing to platform defense.

You will own security end-to-end across our platform and product, including vulnerability management, security architecture reviews, and incident response. You will focus on vulnerabilities and misconfigurations across the platform, ensuring Kubernetes environments are secure, compliant, and continuously monitored. Engineering teams confidently rely on security tooling and controls the Security initiatives you will put in place will proactively improve developer velocity (“shift left”) and be an enabler of product deliver - not a bottleneck

What You'll Do

Technical Leadership and Execution

Design, implement, and operate security controls for Kubernetes-based production platforms
Harden containers, nodes, and cluster configurations to meet production-grade security standards
Conduct in-depth security reviews of infrastructure using IaC practices (Terraform, Helm, GitOps)
Implement and automate security enforcement via scripts, policies, and tooling (e.g., OPA, Kyverno, admission controllers)
Perform architecture and design reviews with a focus on least privilege, defense-in-depth, and attack surface reduction
Advance platform security monitoring through logging, alerting, and SIEM integrations
Build automation (Bash, Python, Go) to scale security operations and reduce manual effort
Apply AI/ML techniques to detect anomalous behavior, zero-day threats, and advanced attack patterns
Leverage AI-driven tools for policy generation, risk scoring, and remediation prioritization
Develop approaches to identify configuration drift and misconfigurations across Kubernetes and IaC environments

Security and Operations Management

Lead and evolve incident response processes; act as a primary escalation point when needed
Conduct blameless post-mortems and ensure timely remediation of security gaps
Own vulnerability management across platform, cloud, and application layers
Strengthen security posture through baseline standardization and operational readiness
Oversee secrets management, encryption strategies, and access control policies

Team Culture & Cross-Functional Collaboration

Champion a “Security as Code” mindset and promote shared ownership through Security Champions programs
Balance startup speed with scalable, long-term security practices
Partner closely with engineering teams to embed security into development workflows (DevSecOps)
Collaborate with SRE on platform hardening, incident response, and reliability improvements
Clearly communicate security risks and posture to technical and executive stakeholders

Minimum Qualifications

6+ years of experience in Software Security, Product Security, or DevSecOps
2+ years in a technical leadership or mentorship role
Deep, hands-on expertise in Kubernetes security and cloud-native systems
Strong experience securing Linux, containers, and cloud platforms (AWS, GCP, or Azure)
Proven track record managing real-world security incidents in production environments
Strong programming/scripting skills (Go, Python, Bash, or similar)
Solid understanding of compliance frameworks (FIPS, CIS, STIG) and their practical application
Hands-on experience with image hardening and secure system configurations
Experience driving penetration testing programs and managing external vendors

Preferred Qualifications

Experience building or scaling DevSecOps programs in a startup environment
Familiarity with tools such as Falco, Tenable, Elastic, Trivy
Knowledge of service meshes, network policies, and runtime security
Strong background in threat modeling and secure system design
Relevant certifications (CKS, CISSP, CCSP, GSEC, etc.)

What We Offer

Compensation: $185,000 (Base + Bonus) + Equity, based on experience
Benefits: Comprehensive medical, dental, and vision coverage. 100% coverage for employees, 90% for dependents
Retirement: Access to a retirement savings plan
Time Off: Flexible time off, including 12 paid holidays
Perks: Catered lunches on in-office days, mobile/internet reimbursement

Location: This position is based at the HQ office in San Jose, with an onsite requirement of three days per week.

Visa Support: Applicants are required to be eligible to lawfully work in the country of work; we are unable to provide sponsorship for this opportunity.

The Hiring Process

At Spectro Cloud, we highly value your time and dedication throughout the hiring process. Therefore, we aim to ensure that our interactions are efficient and focused on delivering value.

Our interview process for this role typically comprises of three stages:

Interview Round 1: Kubernetes Baseline Gate (Mandatory)
Candidates must demonstrate deep expertise with one of the following:

Active CISSP and CKA / CKAD / CKS certification
Demonstrable hands-on Kubernetes/platform with product security experience
(Proof is required during application)

Interview Round 2: Directed Product Self-Learning
Candidates are given a curated documentation reading list (docs.spectrocloud.com) to filter for motivation, learning agility, and the ability to absorb platform knowledge, mirroring real-world expectations. Product Security interviews will be conducted with these learned topics from the above site.

Interview Round 3: Technical Assessment
Candidates must demonstrate expertise in the below topics:

Platform Architecture, Applied Kubernetes Fundamentals, Day-2 Operations, Security, Troubleshooting
Candidates must assume engineering is unavailable and solve security issues independently

2026-211

Department: Engineering
Locations: US, San Jose
Remote status: Hybrid

Our Culture

Spectro Cloud is a fun, fast-paced place to work where you can make a big impact, every day. We recruit the best from all over the world, and we show up in all our diversity to collaborate and build something we’re all proud of. We’re passionate about innovation and helping our customers, and we’re ambitious about changing the industry. If you’re bored or frustrated by rigid corporate life, this is an opportunity to grow your skills, push boundaries and change the world.

About Spectro Cloud

Founded in 2019

Co-workers 220+

Engineering · US, San Jose · Hybrid

Senior Software Security Engineer

Apply now

See more open positions at Spectro Cloud

Powered by Getro.com

Privacy policy Cookie policy

Contact

1400 Fashion Island Blvd. Ste. 1010
San Mateo, CA 94404
Tel: 650.854.1000
info@sierraventures.com

Work with our Portfolio Companies.

0

0