Skip to content
RunpodRunpodUnited States

Cloud Infrastructure Security Engineer

Systems-focused Cloud Infrastructure Security Engineer responsible for securing Runpod's multitenant GPU bare-metal and virtualized environments. Requires 5+ years in infrastructure security, deep Linux kernel and virtualization expertise (KVM/QEMU), and low-level programming (C/Go/Rust) to prevent breakouts and harden against threats.

152k – 175k/yr
Remote5+ YOESecurity Engineering

About the role

Responsibilities

  • Design and implement robust workload and network isolation architectures for multitenant GPU bare-metal and virtualized environments.
  • Harden Linux kernel configurations, container runtimes (e.g., Docker, containerd), and orchestration layers (e.g., Kubernetes) against breakouts and privilege escalation.
  • Conduct deep-dive security assessments and penetration testing targeting hypervisor, network stack, and hardware interfaces.
  • Write code (primarily C, Go, or Rust) to implement custom security controls, telemetry, and fixes at the OS and infrastructure level.
  • Evaluate and mitigate security considerations specific to GPU architecture, PCIe pass-through, and shared memory spaces.
  • Serve as the technical escalation point for infrastructure-level security incidents, developing forensic capabilities for ephemeral container environments.

Required Qualifications

  • 5+ years of experience in infrastructure or systems-level security engineering.
  • Extensive knowledge of Linux kernel internals (cgroups, namespaces, eBPF, SELinux/AppArmor).
  • Deep understanding of virtualization technologies (KVM, QEMU) and workload/network isolation techniques in multitenant environments.
  • Strong systems-level programming skills in C, Go, Rust, or Python.
  • Familiarity with GPU architecture and hardware-level security considerations.
  • Experience in securing bare-metal cloud infrastructure and mitigating lower-level CVEs.

Preferred Qualifications

  • Contributions to open-source systems security projects or virtualization research.
  • Experience writing or deploying eBPF-based security tooling.
  • Deep knowledge of low-level networking protocols and virtualized network security.

Compensation & Benefits

  • Competitive base pay ranges from $152,000 - $175,000 (may be inclusive of several career levels; narrowed during interview process based on experience, qualifications, and location).
  • Meaningful equity in a fast-growing company (stock options for everyone).
  • Generous medical, dental & vision plans.
  • Flexible PTO.
  • $1,200 Home Office & Equipment Stipend.
  • Most roles are remote-first with collaborative teams.

Skills

Linux KernelCgroupsNamespacesEbpfSelinuxApparmorDockerContainerdKubernetesKvmQemuCGoRustPython
Runpod

Full Stack Security Engineer

RunpodUnited States

Full Stack Security Engineer embedding with engineering teams to secure Runpod's AI cloud platform. Lead threat modeling, fix vulnerabilities by writing code in Python/Go/TS, implement DevSecOps pipelines, and champion security across web apps, APIs, and microservices.

152k – 175k/yr
Remote5+ YOESecurity Engineering
Chime

Manager, Product Security

ChimeSan Francisco, CA

Leads a team securing cloud infrastructure, sensitive data, and AI systems in products. Influences engineering roadmaps, embeds security in designs, and manages AI risks like prompt injection and data leakage. Requires 5+ years security engineering and 2+ years leading engineers.

152k – 210k/yr
Hybrid5+ YOESecurity Engineering
Wiz

Threat Intelligence Researcher (Cloud)

WizNew York, NY

Track, analyze, and attribute advanced state-backed and financially motivated threat actors targeting cloud environments. Requires 5+ years in threat research with expertise in malware, infrastructure tracking, and large-scale telemetry analysis.

151k – 208k/yr
Remote5+ YOESecurity Engineering
Mercor

Software Engineer, Identity

MercorSan Francisco, CA

Build and scale Mercor's novel identity and access management infrastructure across thousands of Slack workspaces and HR systems for a 100k+ expert network. Requires strong product engineering, large-scale distributed systems experience, and security-minded design instincts.

150k – 325k/yr
On-site5+ YOESecurity Engineering
AKASA

IT Security Operations Engineer

AKASASan Francisco, CA

IT Security Operations Engineer responsible for implementing DLP, email security, endpoint protection, Okta/Google Workspace hardening, automation, compliance evidence collection, and incident response in a hybrid healthcare AI startup.

150k – 190k/yr
Hybrid4+ YOESecurity Engineering