Gray holds SSH keys, runs commands on production machines, and lets AI agents touch real infrastructure. Our security posture is the product. You will be our first dedicated security hire and set the bar for everything that follows.
What you will own
Own the threat model — device, daemon, transport, agents, approvals
Harden key management: keys never leave the box, and you make that provable
Design the approval system's guarantees — what an agent can never do without a human
Run our disclosure program and respond to reports yourself
Build security into CI so the default path is the safe path
What you bring
Deep applied security experience — systems, network, or product security
You can read and write real code; this is an engineering role
Experience securing SSH, secrets, or infrastructure tooling
Calm, clear communication under incident pressure
Nice to have
Public CVEs, audits, or disclosure write-ups
Experience with AI-agent safety boundaries
What we offer
Meaningful equity. Every role carries a real stake in Layer Gray, with a 10-year exercise window.
Remote, worldwide. Work from anywhere. We hire for the role, not the time zone.
Hardware budget. $4,000 for your machines, plus a home server allowance — you should run Gray on your own box.
Flexible time off. 25 days minimum, and we mean minimum. We track outcomes, not hours.
Health covered. Full medical, dental, and vision for you and your dependents, wherever you are.
Two offsites a year. The whole crew, one room, twice a year. The rest of the time, async.
Model subscriptions. Claude, GPT, and friends — every frontier model subscription, paid.
Learning budget. $2,000 a year for books, courses, and conferences. No approval theatre.
About Gray
Gray is voice-first AI you operate like a terminal. You speak; it runs real work across your machines — SSH sessions, multi-agent jobs, files, scheduled tasks — then speaks back. It is self-hosted, private by architecture, and built for the people who run the internet’s plumbing. Gray is made by Layer Gray, Inc.