
Job Overview
- Location: United States - Remote
- Job Type: Full-time
- Category: Engineering Manager
- Date Posted: May 17, 2026
Full Job Description
📋 Description
- Own the technical execution of vNode, a container runtime built on Linux user namespaces and seccomp that replaces virtual kubelets and microVMs to deliver VM-grade tenant isolation without VM overhead.
- Define the architecture for how vNode integrates with containerd, the kubelet, and Kubernetes node-level components, determining what features ship, get deferred, or require redesign.
- Lead deep technical work at the intersection of vNode and container runtimes including containerd, runc, Kata Containers, and gVisor, explaining and improving the behavior between a Pod spec and a process running in a constrained user namespace with a tight seccomp profile.
- Own the kubelet integration surface, including CRI, device plugins, cgroups v2, eviction policies, and the complex interface between Kubernetes’ node model and a runtime that does not assume one tenant per node.
- Set the engineering bar by leading technical design reviews, establishing testing patterns for isolation guarantees, and mentoring engineers on the team without holding a formal people management role.
- Act as Customer Zero for vNode by running it against internal vCluster Platform tenant clusters before customer deployment, ensuring production readiness and closing the feedback loop between operator needs and runtime behavior.
- Represent vCluster Labs externally by contributing upstream to containerd, runc, Kubernetes SIG-Node, and related projects, publishing technical posts that articulate the value of namespace-based isolation, and speaking at KubeCon-class conferences when appropriate.
- Write production-grade Go code at the systems level — directly handling syscalls, namespaces, file descriptors, and process lifecycle operations — not just application service handlers.
- Apply deep fluency in Linux isolation mechanisms including user namespaces, seccomp-bpf, Linux capabilities, and Landlock, with firsthand experience shipping code that relies on these primitives and understanding their failure modes.
- Drive technical direction by writing comprehensive design documents, prototyping complex components, and leading the team through execution without becoming a bottleneck.
- Ensure vNode meets the needs of AI Cloud operators and regulated enterprises by aligning runtime capabilities with real-world requirements for multi-tenant, GPU-intensive, and security-sensitive infrastructure.
- Maintain and extend open-source contributions aligned with vCluster Labs’ DNA, ensuring transparency, community alignment, and industry-wide adoption of namespace-based isolation standards.
🎯 Requirements
- Deep container runtime experience shipping production work against containerd directly, not just consuming it via Docker or Kubernetes
- Kubernetes node-level depth working inside the kubelet, CRI layer, or node-resident agents, with understanding of cgroups v2, OCI hooks, and PLEG
- Go systems programming proficiency writing production code for syscalls, namespaces, file descriptors, and process lifecycle
- Linux isolation fluency with hands-on experience shipping code using user namespaces, seccomp-bpf, capabilities, and Landlock
- Tech Lead instincts demonstrated through writing design docs, prototyping hard problems, and elevating team standards without formal management authority
- Bonus: Upstream contributions to containerd, runc, Kata, gVisor, Kubernetes SIG-Node, or related projects
🏖️ Benefits
- Competitive salary including equity
- Platinum-level insurance covering health, dental, vision, and life insurance for employees and eligible dependents (benefits vary by country)
- Flexible working schedule with no requirement to clock in at specific times
- Workplace flexibility to work from any location and adjust environment as life changes
About Loft Labs, Inc.
Loft Labs created vCluster, an open-source tool that spins up lightweight, virtual Kubernetes clusters inside existing namespaces. By running an isolated control plane within a single namespace, teams gain cluster-like isolation without the cost or overhead of full clusters, enabling safe multi-tenancy, faster CI/CD, and easier development workflows. The company provides enterprise support, a management platform, and add-ons to scale virtual clusters across clouds and on-premises infrastructure.
