What You’ll Do
- Architect security patterns for platforms and services, including network segmentation, service-to-service authentication, RBAC, and policy enforcement in Kubernetes and cloud environments.
- Manage identity, access, and secrets for humans and services: workload and cross-cloud identity, least-privilege IAM, and secrets management.
- Build secure platforms for data ingestion, processing, and curation: classification, encryption, access controls, and safe sharing patterns across teams.
- Write threat models and review designs with researchers and engineers to help them ship features and experiments in a safe, scalable way.
- Automate security checks and build guardrails: policy-as-code, secure infrastructure baselines, validation in CI/CD, and tools that make the secure path the easiest one.
Skills and Qualifications
Minimum qualifications
- Bachelor’s degree or equivalent experience in engineering, or similar.
- Strong background with containers and orchestration (Kubernetes) and how to secure them (namespaces, network policies, pod security, admission controls, etc.)
- Practical experience with Infrastructure as Code (Terraform or similar), including secure patterns for provisioning networks, IAM, and shared services.
- Solid understanding of cloud networking and security: VPCs, load balancers, service discovery, mTLS, firewalls, and zero-trust-style architectures.
- Proficiency with a systems language such as Rust and scripting in Python for building platform components and internal tools.
- Evidence of owning complex, production-critical systems, including debugging issues that span infra, security, and application layers.
Preferred qualifications
- Experience with ML infrastructure, GPU clusters, or large-scale training environments (schedulers, job queues, shared storage, multi-tenant clusters).
- Background in AI labs, HPC environments, or ML-heavy organizations where both security and performance are first-class concerns.
- Experience profiling and tuning high-throughput systems, and an ability to reason about the cost of additional security layers.
- Talks, blogs, or publications on infrastructure security, distributed systems, or performance engineering.
- Open-source contributions to security, orchestration, observability, or infrastructure tooling.
- Familiarity with securing specialized hardware (GPUs, TPUs) and their integrations into training and inference pipelines.
Logistics
Compensation: Depending on background, skills and experience, the expected annual salary range for this position is $200,000 - $475,000 USD.
Benefits: Generous health, dental, and vision benefits, unlimited PTO, paid parental leave, and relocation support as needed.