Platform Engineer

[What we’re building]

Pickle is the first bespoke personal AI, built inside iMessage — the most natural interface consumers already live in.

You tell Pickle what you need, and it builds a mini-app for you on the fly: a fitness coach, a medication tracker, a quantum physics tutor, or whatever else you need. Every app shares one continuous memory, so your workout app knows what you ate in your cooking app.

Over time, Pickle comes to understand your personal story more deeply and starts changing your life proactively — by messaging you first.

https://pickle.ai/

To try it out, join the waitlist at the link above.

[The role]

We’re looking for a Founding Platform Engineer to own the entire infrastructure layer of a consumer AI product where every user gets their own isolated computing environment, every piece of data is encrypted end-to-end, and the system is designed so that even we as operators cannot access user data in plaintext.

This is not a typical infrastructure role. You’ll design systems where per-user agents run in sandboxed environments, stateful distributed workloads are orchestrated across pods, and privacy is guaranteed not by policy, but by architecture.

At this stage, we need someone who can re-architect the platform for massive scale and lead the migration to Terraform-based infrastructure as code.

[Scope and ownership]

Per-user agent execution environments

Design and operate sandboxed environments where LLM agents can execute shell commands, access filesystems, and interact with user data — with full network isolation, short-lived token management, and per-user resource scaling.

Stateful distributed workloads

Orchestrate real-time iMessage sessions that maintain per-user state across distributed pods. Build and scale multi-stage pipelines lasting from minutes to hours, triggered by events and schedules, including external service calls, data processing, and storage — all while preserving end-to-end encryption.

Encryption-based security architecture

Implement a backend architecture split in two: a hardware-isolated enclave written in Rust handles all encryption, decryption, and LLM calls, while the rest of the backend only ever touches ciphertext. Text search, vector similarity, date filtering, sorting, and exact matching must all work on encrypted data.

Infrastructure as Code

Lead the Terraform migration of our infrastructure stack, including EKS clusters, node groups, VPC, IAM, and related systems.

[What we’re looking for]

Mandatory

Kubernetes at depth

Not just deploying pods, but designing a cluster where stateless API servers, long-running stateful workers, hardware-isolated enclave instances, and per-user sandboxed pods all coexist. You should be comfortable with node group separation, network policies, scheduling strategies, and pod/node scaling using tools like Karpenter.

Python for systems design

Experience designing runtime rule-passing systems similar to Envoy’s xDS model, with clear control plane / data plane separation. Strong understanding of idempotent distributed operations, partial failure recovery, race condition prevention, and long-running workflow orchestration.

Redis as a coordination layer

Experience using Redis for distributed session management, worker coordination, distributed locking, and pub/sub event propagation — not just caching. You should understand systems like Redlock, including both their mechanics and limitations.

Observability architecture

Experience designing custom metrics for workloads where CPU- or memory-based scaling is not enough. Strong understanding of SLI/SLO-driven alerting and debugging in environments where the underlying data cannot be directly inspected because it is encrypted. Familiarity with Prometheus, Grafana, and Loki.

Terraform

Experience managing the layer beneath Kubernetes, including EKS, VPC, IAM, and security groups, with well-structured modules in the style of terraform-aws-modules.

[Nice to have]

Rust

Our enclave is written in Rust. You don’t need to be a Rust expert, but you should be comfortable reading, modifying, and debugging issues that cross the boundary between Python and Rust.

Experience with per-user stateful workloads or compute isolation

Experience with systems involving per-user state, per-user compute isolation, GPU provisioning, or pod/VM-level isolation is a plus.

Experience designing systems from scratch at a startup

We value people who have designed systems from first principles in startup environments — not just operated or optimized systems that already existed at large companies.

[Process]

Architecture assessment

We’ll discuss real design problems from our system. We want to see whether you can reason about trade-offs across encryption, distributed state, and multi-tenant isolation all at once. Candidates will receive a detailed technical document covering infrastructure topology, enclave callback patterns, and encrypted data operation flows.

Green flags

• You’ve made architecture decisions where there was no playbook.
• You find it genuinely exciting, not stressful, to solve problems that have not been solved before.
• You believe per-user computing and privacy-preserving infrastructure are defining challenges of the agent era.

[Offer]

• Competitive cash compensation plus meaningful equity as an early team member
• Health and benefits plan
• Flexible PTO
• Nice 5,000+ sq ft Hacker House in Hillsborough, CA
• Full coverage of visa and relocation costs for exceptional non-US candidates
• Flat hierarchy and high ownership — you’ll own the entire infrastructure layer

[Apply]

Reach out to Daniel at daniel@pickle.com with your background, relevant projects or systems you’ve built, and why this problem space excites you.