# Staff Product Security Engineer

**Company:** [Crusoe](https://hotfix.jobs/companies/crusoe)
**Location:** San Francisco, CA
**Role:** Security Engineering
**Salary:** $250k – $285k/yr
**Experience:** 8+ years
**Skills:** Kubernetes, Penetration Testing, Red Team Operations, Cobalt Strike, LLMs, MLOps, RAG, Go, Python, Rust, CI/CD, SAST, DAST, Sca, Policy As Code
**Posted:** 2025-05-22

> Leads advanced penetration testing, red team operations, and AI/ML security research to secure applications, infrastructure, and distributed AI systems including LLMs and Kubernetes environments. Requires 8-10 years offensive security experience and strong software engineering in Go/Python/Rust.

## Job Description

## What You’ll Be Working On

- Performing advanced manual penetration testing across complex applications, infrastructure, Kubernetes environments, and distributed microservice ecosystems
- Leading offensive security initiatives including red team operations, adversary simulation, and security research
- Securing AI/ML systems end-to-end, including LLM pipelines, vector databases, RAG architectures, and agentic workflows
- Identifying and researching novel attack surfaces unique to LLMs and autonomous systems, contributing to internal and external AI security research
- Influencing secure system design across the SDLC, embedding security into CI/CD pipelines, container images, and deployment workflows
- Integrating and operationalizing security tooling (SAST, DAST, SCA, container scanning) and driving remediation of complex application-layer vulnerabilities
- Building internal security guardrails such as hardened base images, reusable libraries, and policy-as-code frameworks
- Developing production-grade security tooling and leading cross-functional security programs from design through deployment

## What You’ll Bring to the Team

- 8-10 years of deep hands-on experience in offensive security, including manual penetration testing, red team operations, and adversary simulation
- Familiarity with modern C2 frameworks (e.g., Cobalt Strike, Sliver, Havoc), exploit development, and security research
- Strong expertise across the AI/ML stack, including MLOps, inference architectures, vector databases, RAG, and agentic frameworks (e.g., ReAct, Reflexion)
- Experience building, deploying, and securing LLM pipelines and AI workflows in Kubernetes and/or bare-metal environments
- Strong software engineering foundations with experience shipping production code in **Go**, **Python**, or **Rust**
- Hands-on experience securing **Kubernetes**, containers, VMs, and CI/CD environments
- Deep understanding of application security vulnerabilities, secure coding practices, and distributed system design
- Demonstrated ability to lead complex, cross-functional security initiatives end-to-end
- Strong communication skills with the ability to influence both engineering teams and executive stakeholders

**Bonus Points**
- Public contributions to offensive security or AI security research (talks, blogs, tooling, CVEs, etc.)
- Experience building internal red team or adversary simulation programs
- Background in high-performance computing, AI infrastructure, or cloud-native platform security
- Experience designing policy-as-code frameworks at scale

## Benefits

- Competitive compensation
- Restricted Stock Units
- Paid time off & paid holidays
- Comprehensive health, dental & vision insurance
- Employer contributions to HSA account
- Paid parental leave
- Paid life insurance, short-term and long-term disability
- Professional development & tuition reimbursement
- Mental health & wellness support
- Commuter benefits (parking & transit)
- Cell phone stipend
- 401(k) Retirement plan with company match up to 4% of salary

**Compensation Range**: up to $250,000 - $285,000 + Bonus. Restricted Stock Units are included in all offers. Compensation to be determined by the applicant's knowledge, education, and abilities, as well as internal equity and alignment with market data.

## Similar roles

- [Staff Software Engineer, Fraud](https://hotfix.jobs/jobs/aa86d79c-af69-4a6a-bdd8-8bd480bb43a9) - Replit - Foster City, CA - $250k – $315k/yr
- [Staff Software Engineer, Risk](https://hotfix.jobs/jobs/5cc2b135-9342-4987-9b19-269e001150fe) - Replit - Foster City, CA - $250k – $315k/yr
- [Staff Software Engineer, Trust & Safety](https://hotfix.jobs/jobs/b088358f-42cf-4983-9717-f6c60abcc9e7) - Replit - Foster City, CA - $250k – $315k/yr
- [Staff Incident Responder](https://hotfix.jobs/jobs/f9dd71bf-90d8-4885-a743-deed513fd41c) - Fluidstack - San Francisco, CA - $250k – $350k/yr
- [Staff Software Engineer, Platform Security](https://hotfix.jobs/jobs/f9f68913-83ff-44d8-b357-749b29f4c55f) - Discord - Remote - $248k – $279k/yr

**Apply:** https://hotfix.jobs/jobs/79405bb0-9cc6-4690-8bb5-f9c43867f6f6
**Canonical:** https://hotfix.jobs/jobs/79405bb0-9cc6-4690-8bb5-f9c43867f6f6