We’re building the first autonomous AI platform that can automatically detect, fix, and validate software vulnerabilities — end to end, at scale. Think of it as agents that can update dependencies, edit Dockerfiles, rebuild Go binaries with patched versions, and validate everything automatically. This is a deeply technical, research-driven role where you’ll design, implement, and scale AI agent systems that operate on real codebases. You’ll work at the intersection of backend engineering, AI systems, and application security — designing agents, context pipelines, and evaluation frameworks that bring autonomous reasoning to production.
What You’ll Do- Design and build AI agents from scratch to production — systems that detect, fix, and validate vulnerable components automatically
- Develop and maintain infrastructure to support agent operations at scale [AIOps], including context management, evaluations and orchestration
- Create agentic workflows that enable multiple agents to collaborate and reason jointly
- Build tools and utilities that agents use (e.g., for image inspection, diff generation, static analysis)
- Implement evaluation and performance measurement methods for agent reliability and accuracy
- Develop hybrid and vector database applications for retrieval and context management
- Build and integrate AI-related apps such as MCP-based systems, chat interfaces, and standalone agent utilities
- Instrument all experiments with tracing, observability, and structured metrics for reproducibility
- 5+ years of hands-on experience in software engineering, preferably with exposure to AI-driven products or infrastructure
- Strong proficiency in Python for backend systems, tooling, and AI integration
- Solid foundation in software engineering, infrastructure, and cloud environments
- Proven experience working with LLMs and AI agents in applied settings
- Familiarity with LangGraph, LangChain, OpenAI, Claude Code, and Cursor frameworks
- Strong understanding of Docker and containerized development workflows
- Experience designing or orchestrating multi-agent systems or agentic workflows
- Awareness of context management techniques and prompt/tool/validation loop design
- Go experience, especially for rebuilding binaries or low-level utilities
- Experience with Argo, Kubernetes, or other orchestration systems
- Background in evaluation frameworks or agent performance measurement
- Experience with code-focused AI agents, developer tools, or AppSec/security automation
- Familiarity with vector databases, RAG pipelines, and graph-based context construction
- Understanding of DevSecOps, AppSec, or software supply chain security concepts
Top Skills
What We Do
At Root.io, we automate container vulnerability management through intelligent patching that doesn't require rebuilds or rebasing. Our platform enables security and development teams to effectively manage vulnerabilities without slowing down deployments.
How Root.io transforms container security:
- Instant vulnerability patching without container rebuilds
- Automated triage that eliminates false positives
- Clear maturity metrics to track security progress
- Native integration with existing CI/CD workflows
- Continuous monitoring across your container ecosystem
What makes us different:
✓ Fix vulnerabilities in minutes, not months
✓ No more manual patching or base image maintenance
✓ Maintain compliance without slowing development
✓ Zero changes to your existing workflows
Designed for today's fast-paced container environments, Root.io eliminates security bottlenecks. Our platform provides immediate time-to-value by eliminating manual security processes and delivering automated, efficient vulnerability management.
