This job was posted more than 40 days ago and might be expired.
uRun logo

Founding Security Engineer / Head of Security

Posted about 2 months ago

RemoteSan FranciscoEX200k - 250k USD

The problem we saw

Most AI infrastructure is built for batch: send a query, wait, get a response, reset. Powerful, but transactional. AI is becoming interactive, sessions that hold state, models that stay alive between turns, generation that responds as it runs, and the infrastructure to deliver that at scale doesn't really exist yet.

The bottleneck isn't the models anymore. It's the infrastructure underneath them.

What we're building to fix it

uRun is the inference cloud for interactive AI: the compute layer that makes real-time, stateful inference possible at scale. We came out of stealth in April 2026, are backed by top-tier investors, and are founded by Keegan McCallum, former Head of ML Infrastructure at Luma AI.

We're an infrastructure company. We build the layer that model labs, builders, and research teams ship on top of.

Where you come in

You'll be uRun's first dedicated security hire. This is a founding role: you'll own security end-to-end as a hands-on engineer, and as the company and team grow, you'll have the opportunity to build out and lead the function.

The problem you're here to solve: build a security foundation worthy of the infrastructure we run. That means hardening a distributed AWS and Kubernetes stack running stateful inference at scale, standing up the compliance program that unlocks enterprise deals, and embedding security into engineering without becoming a blocker.

You'll join as we move from stealth to scale, begin enterprise partnerships, and approach our Series A — the point where this work has the most leverage.

What you'll actually be doing day-to-day

Compliance and risk

  • Own SOC 2 Type II end-to-end: scoping, control design, evidence collection, and audit

  • Drive ISO 27001 and additional frameworks as we scale into enterprise partnerships

  • Stand up and manage compliance automation tooling (Vanta, Drata, or equivalent)

  • Respond to vendor security questionnaires and represent uRun's security posture on customer calls

  • Build and maintain security policies, procedures, and documentation

    Infrastructure and cloud security

  • Harden our AWS environment: IAM, KMS, secrets management, GuardDuty, CloudTrail, VPC

  • Secure our Kubernetes and EKS stack: container security, RBAC, network policies, runtime controls

  • Embed security into CI/CD pipelines: SAST, dependency scanning, secrets scanning

  • Build detection and response capabilities: alerting, playbooks, and incident response processes

  • Drive vulnerability management end-to-end, from detection through remediation and reporting

    Partnerships and stakeholders

  • Work directly with engineering to resolve security blockers and unblock partnership deals

  • Manage external auditor relationships and coordinate security reviews

  • Report on security posture and risk to leadership

What skills you need for the journey

  • 6+ years in security engineering, including time as a founding or sole security hire, or otherwise owning security with minimal support

  • Proven track record delivering SOC 2 end-to-end as program owner — not just as a contributor

  • Deep AWS experience: IAM, KMS, GuardDuty, CloudTrail, EKS, and Kubernetes security

  • Hands-on with compliance automation tooling: Vanta, Drata, or equivalent

  • Comfortable embedding security into CI/CD: SAST, DAST, secrets scanning, dependency management

  • Strong incident response background: you've handled real incidents and built playbooks from scratch

  • A clear communicator who can represent security to technical and non-technical stakeholders, including customers

  • Able to work PST hours and thrive in a fast-moving, ambiguous environment

Things that will give you an edge

  • Familiarity with AI security frameworks: OWASP LLM Top 10, MITRE ATLAS

  • Certifications: AWS Security Specialty, CISSP, CISM, or equivalent

  • Experience securing GPU or ML-inference infrastructure specifically

What you'll get in return

  • Competitive salary and meaningful equity in an early-stage AI infrastructure company. The band above is our target; for an exceptional candidate we'll go higher. Equity is real — you're early, and the grant reflects that.

  • Health, dental, and vision — full coverage

  • 401(k) — company-supported retirement savings

  • FSA/HSA — flexible spending accounts for healthcare costs

  • Paid time off — we trust you to manage your time

  • Top-tier tooling — access to the best AI tools available: Claude, Codex, Kimi, and whatever else helps you move faster

  • MacBook Pro and AirPods — the hardware you need, on us

How we work (and what that feels like day-to-day)

We build the stage, not the show. We're an infrastructure company, a developer-tools company, and a production partner for model labs, and focus is a deliberate choice we've made and hold to.

Day-to-day, that means a small team, a high bar, and real ownership. You won't wait for permission or inherit a backlog of someone else's decisions, in a founding security role, the function is what you make it.

It also means ambiguity: priorities shift, not everything is documented, and you'll often be the person who decides what "secure enough, for now" means. That suits some people and not others, and we'd rather you know that before you apply.

Job details
Workplace
Remote
Location
San Francisco
Experience
EX
Salary
200k - 250k USD
per year

Real-time video AI. Interact. Steer. Play.

Employees
7
Industry
Software Development
Headquarters
San Francisco Bay Area, CA
Founded
2025
Company location
San Francisco Bay Area, CA, US
Specialties
Real-time Inference, Generative Video, AI Infrastructure, Stateful Inference, Interactive Video, Video Generation, Machine Learning, Develeoper Tools, GPU Infrastructure, and Production AI

Key team members

Matt Krzus

Matt Krzus

Dominic Lau

Dominic Lau

Ruhit Islam

Ruhit Islam

Jesse Webb

Jesse Webb

Apply smarter with Jobr

Jobr aggregates jobs directly from company career portals — no middlemen. Our team applies on your behalf with AI-tailored resumes, reviewed by a human before submission.

Direct from company career pages
AI-personalised cover letters
Human review before every submit
Application tracking & follow-ups