Location: Bengaluru
Mission: Live at the intersection of app runtime & security. Protect applications in a fundamental way so that developers can build great application services and not be constantly looking over their shoulder. BlueRock is changing the landscape of App runtime security.
What You'll Build:
BlueRock Agentic Sandbox: Be part of the team developing our flagship multi-language runtime security platform
Deep-Trace Observability: Build the infra that hooks into frameworks like CrewAI, Google ADK, and OpenAI Agents to monitor and intercept malicious intent in real-time
End-to-End Hardening: Secure the entire lifecycle from agent orchestration to execution
Required Qualifications:
Systems Generalist: 5+ years of experience. You aren't afraid to go below the API to the kernel or the runtime
Deep knowledge of Python or JS/Node.js, including monkey patching, import hooking, and dynamic instrumentation
Agent Fluent: You've spent time with LangChain, CrewAI, or similar frameworks.
Observability: Experience with OpenTelemetry, Datadog or similar for high-cardinality distributed tracing
You've integrated AI-assisted coding (Claude Code, Cursor, CoPilot) into your daily workflow to move faster
Preferred Qualifications:
Experience with protocols like MCP (Model Context Protocol) or A2A
A "Hacker Mindset" (OWASP expertise, understanding deserialization, SSRF, and privilege escalation)
Experience with Container Runtimes (OCI, containers) or a love for Rust
Experience with K8s or similar orchestration frameworks
About BlueRock:
BlueRock is a well-funded, early stage cybersecurity company founded by experienced security minded entrepreneurs. Our mission is to change the game in cybersecurity. Attackers are exploiting in hours. The dependency tree is exploding. Developers are drowning in vulnerability debt. BlueRock changes the game, enabling organizations to shift from chasing CVEs and exploits to proactively protecting the foundations of applications and computing, so that developers can build great applications without looking over their shoulders.
BlueRock delivers Agentic Security, helping teams see and secure autonomous agent actions before they run.
Modern AI agents take real actions: invoking tools, accessing data, and executing operations that impact production systems. BlueRock provides the visibility, intelligence, and pre-execution protection needed to adopt agentic workflows safely and at scale.
Our platform includes:
• MCP Trust Registry - Know which MCP servers are safe before your agents connect.
• Agentic Action Path - See what agents actually do across tools, data, and execution.
• Agentic Security Controls - Protect what agents can execute with sandboxing, tool governance, data policies, and execution controls.
Founded by cybersecurity pioneers Ashar Aziz (Founder/CEO of FireEye) and Bob Tinker (Founder/CEO of MobileIron), BlueRock’s mission is to make autonomous agents safe for enterprises — enabling teams to build with confidence, move quickly, and maintain full control of agent actions.
🔗 Learn more at bluerock.io
