Member of Technical Staff - Security

Runlayer

$130K — $180K *
Enterprise Technology
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • 8+ years in security engineering with experience in application security or endpoint detection
  • Proven history of building scanning or detection systems such as parsers and rule engines
  • Experience with shadow IT detection and asset discovery in enterprise settings
  • Strong proficiency in Python and FastAPI frameworks
  • Knowledge of API attack patterns including SSRF and token theft
  • Understanding of new AI threats like prompt injection and tool poisoning

Responsibilities

  • Build and enhance Watch products for static and dynamic scanning
  • Develop shadow detection for unregistered enterprise agents and servers
  • Oversee AppSec, including penetration testing and vulnerability management
  • Create CI/CD-integrated automated version scanning for security checks
  • Expand detection capabilities to CLI and browser-based agents

Benefits

  • Competitive salary and equity package
  • Paid time off including vacation and sick leave
  • Budget for professional development in AI and security
  • Access to top-tier equipment for optimal working conditions
  • Comprehensive health, dental, and vision benefits
  • Opportunities for direct customer interaction and impact on projects
Full Job Description
About the Role

Looking for a security engineer, to join our small founding team, you'll build the security scanning and detection products that protect enterprise AI. You own the Runlayer Watch products (static and dynamic scanning), shadow detection of unregistered agents and servers, and AppSec for the platform itself.

Why You'll Thrive Here
  • Impact: Build the security layer for the AI agent infrastructure category, directly shaping how enterprises adopt AI safely
  • Excellence: Work alongside founders from Zapier's AI team and a team of senior engineers from top cyber backgrounds
  • Ownership: Own detection products end-to-end, from threat modeling through shipped features


What You'll Do
  • Build and improve Watch products: static and dynamic scanning for MCP servers, skills, plugins, and agent behavior detection on endpoints
  • Develop shadow detection: identify unregistered MCP servers, skills, plugins, and agents running outside governance across the enterprise
  • Own AppSec for the platform: penetration testing, vulnerability management, dependency scanning, and security hardening of the control plane
  • Build automated version scanning: CI/CD-integrated security checks that run on each new MCP server version, skill update, or plugin release
  • Extend detection coverage to CLI agents (Codex, OpenCode) and browser-based agents


What We're Looking For
  • 8+ years in security engineering with deep experience in application security, security tooling development, or endpoint detection
  • Builder, not operator. You've created scanning or detection systems: parsers, rule engines, analysis pipelines.
  • Experience with shadow IT detection, asset discovery, or endpoint monitoring in enterprise environments
  • Strong Python skills (our scanning pipeline and platform backend are Python/FastAPI)
  • Understanding of API and gateway attack patterns: SSRF, token theft, injection, supply-chain attacks
  • Awareness of emerging AI/LLM security threats: prompt injection, tool poisoning, jailbreaking, indirect prompt injection through tool responses


Bonus Qualifications
  • Experience with MCP, AI agents, or LLM security specifically
  • Background in building commercial security products (not just internal tooling)
  • Network in enterprise security (SVCI, Israeli security community, etc.)


What We Offer

We provide a competitive package designed to attract and retain top talent who can work effectively with enterprise customers.
  • Competitive salary and equity - compensation that reflects your expertise and customer-facing responsibilities.
  • Paid time off - paid vacation, paid sick leave, and paid parental leave.
  • Professional development - budget for conferences, courses, and certifications in AI, enterprise software, and customer success.
  • Top-tier equipment - your choice of laptop and accessories to create your ideal work environment.
  • Health benefits - comprehensive health, dental, and vision coverage.
  • Customer interaction opportunities - work directly with innovative companies and see the immediate impact of your work.


Not quite the right fit? Reach out to with details about your experience and interests.

Similar Jobs

More Jobs at Runlayer

More Enterprise Technology Jobs

Find similar Member of Technical Staff - Security jobs: