Principal Software Engineer (Founding Team)

About Always Further

AI agents are becoming autonomous — they execute code, call APIs, and make decisions without human oversight. An adequate security approach to govern them doesn't exist yet. We're building it.

Our founding team created Sigstore, the open-source signing standard now used by npm, PyPI, Kubernetes, and other critical infrastructure. We're applying that same thinking to agentic security: execution boundaries, immutable attestation, and dynamic capability management for AI agents.

The Role

We're looking for a Principal Software Engineer to join as a founding engineer. You'll work directly with the founders to build the core of our agent security runtime. This is a high-autonomy role — you'll shape architecture, engage with early customers, and make the trade-offs that define the product.

What You'll Do

• Execution Boundary: Build the layer between agentic reasoning and system execution — intercepting, classifying, and validating every agent intent against security policy before it runs.
• Immutable Attestation: Design systems that capture and cryptographically verify every instruction and action, maintaining ground truth in environments prone to hallucination and injection.
• Dynamic Capability Management: Architect fine-grained, time-scoped primitives that allow least-privilege permissions, with the ability to escalate under controlled, auditable conditions.
• Adversarial Resilience: Work with research to stress-test our security primitives at scale. Turn emerging threat vectors (prompt injection, tool misuse, privilege escalation) into adaptive defences.
• Customer-Facing Iteration: Talk to early customers, understand their threat models, environments, and constraints, and translate requirements into shipping features. Tight feedback loops, not long roadmaps.

What We're Looking For

• Deep Linux kernel security experience. You've worked with Low-level security mechanisms, LSM, seccomp-bpf, namespaces/cgroups, and system call tracing. You understand TOCTOU, path traversal, and syscall-level attack surfaces — not just conceptually, but from building defences against them.
• Polyglot experience. You've built production systems in multiple languages and can choose the right tool for the job. You understand how to design interfaces between components with different performance, safety, and expressivity requirements.
• Strong Rust skills. You're comfortable writing production Rust for systems-level work. Python experience is also useful for tooling and research integration.
• Cryptographic supply chain awareness. You care about software provenance, signing, and chain of trust. Familiarity with Sigstore, in-toto, or similar frameworks is a plus.
• Comfortable with AI-assisted development. You use tools like Claude Code when they accelerate delivery, but you understand their limitations and risks and never cede ownership of the code.
• 0-to-1 experience. You've built things from scratch in early-stage or greenfield environments. You're comfortable with ambiguity and can make pragmatic trade-offs between speed and rigour.
• Clear communicator. You can explain complex systems trade-offs to both engineers and non-technical stakeholders. You write well and review thoroughly.

How We Work

• Best idea wins. We're a small team. Good ideas come from anywhere and get tested against reality, not seniority.
• Intellectual humility. Nobody has all the answers in a space this new. We expect curiosity over ego.
• Rigorous peer review. We debate openly and hold each other to a high bar. The goal is the best outcome, not being right.

Why Join

• Foundational impact. You're not joining a team — you're building one. Your architectural decisions become the product.
• Foundational Stake & Compensation. As an early foundational hire at a pre-seed company, you will receive a highly competitive equity stake designed to reward early risk-taking and outsized impact, paired with a pre-seed base salary.
• Remote, UK preferred. We're UK-based but open to exceptional candidates wherever they are. We provide flexible working built on trust and ownership.

---

Interested? Send your CV and a brief note about what draws you to agent security in the form below. We look forward to hearing from you!