diff --git a/src/expb/configs/scenarios.py b/src/expb/configs/scenarios.py
index 759ebb2..68fe472 100644
--- a/src/expb/configs/scenarios.py
+++ b/src/expb/configs/scenarios.py
@@ -161,6 +161,10 @@ class Scenario(BaseModel):
 description="Extra commands to run in the execution client docker container during the test execution.",
 default=[],
 )
+ security_opt: list[str] = Field(
+ description="Docker security options for the execution client container (e.g., seccomp=unconfined).",
+ default=[],
+ )
 @field_validator("client", mode="before")
 @classmethod
diff --git a/src/expb/payloads/executor/executor.py b/src/expb/payloads/executor/executor.py
index 91d725d..6bd8ab7 100644
--- a/src/expb/payloads/executor/executor.py
+++ b/src/expb/payloads/executor/executor.py
@@ -230,6 +230,8 @@ def start_execution_client(
 run_kwargs["cpuset_cpus"] = self.config.resources.cpuset
 if self.config.resources and self.config.resources.mem_swappiness is not None:
 run_kwargs["mem_swappiness"] = self.config.resources.mem_swappiness
+ if self.config.execution_client_security_opt:
+ run_kwargs["security_opt"] = self.config.execution_client_security_opt
 container = self.config.docker_client.containers.run(**run_kwargs)
 return container
@@ -648,7 +650,9 @@ def cleanup_scenario(
 )
 execution_client_container.reload()
 execution_client_volumes = execution_client_container.attrs["Mounts"]
- execution_client_container.stop()
+ # Give execution client 60s after SIGTERM to flush data (e.g. PGO
+ # profiles via WritePGOData) before Docker sends SIGKILL (default 10s)
+ execution_client_container.stop(timeout=120)
 logs_file = (
 self.config.outputs_dir
 / f"{self.config.get_execution_client_name()}.log"
diff --git a/src/expb/payloads/executor/executor_config.py b/src/expb/payloads/executor/executor_config.py
index db03245..7e7f56e 100644
--- a/src/expb/payloads/executor/executor_config.py
+++ b/src/expb/payloads/executor/executor_config.py
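Review bot: The new `security_opt` field in scenarios.py accepts any string, and the executor.py hunk in `start_execution_client` forwards the list to `containers.run` unchanged, so a scenario file can turn off seccomp or AppArmor confinement for the client container with no check at load time. The description's only example is `seccomp=unconfined`, which presents the least restrictive setting as the ordinary one; I would reword it to `description="Docker security options passed verbatim to the execution client container; relaxing seccomp/AppArmor removes kernel-level confinement, so set this only for scenarios that need it."`. A `field_validator("security_opt")` that rejects entries outside the option keys the project intends to support would also catch typos and unexpected values before a container is started. The Scenario class body continues outside the hunk.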
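Review bot: Nothing at the `run_kwargs["security_opt"]` assignment in `start_execution_client` records that the container is being started with non-default confinement, so a result produced under a relaxed profile is indistinguishable in the run output from one produced under Docker's defaults. I would log the option list at this point with whatever logger the executor already uses (none is visible in the hunk) and add a comment such as `# passed to Docker verbatim; may disable the default seccomp/AppArmor profile`. The function starts outside the hunk.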
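Review bot: The comment added in `cleanup_scenario` says the client gets 60s after SIGTERM, but the call passes `timeout=120`, so one of the two is wrong and the next reader cannot tell which was intended. If 120 is the intended grace period the comment should read `# Give the execution client up to 120s after SIGTERM to flush data (e.g. PGO` on its first line; otherwise change the argument to 60. Cleanup now blocks for up to that long when the client does not exit on SIGTERM, so a named constant or a scenario setting would make the value easier to find and tune than a literal here. The function starts and continues outside the hunk.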
@@ -62,6 +62,7 @@ def __init__(
 scenario.extra_volumes
 )
 self.execution_client_extra_commands = scenario.extra_commands
+ self.execution_client_security_opt = scenario.security_opt
 # Executor Additional Tooling config
 ## Docker client