# Cloud Infrastructure Security Engineer

**Company:** [Runpod](https://hotfix.jobs/companies/runpod)
**Location:** Remote
**Role:** Security Engineering
**Salary:** $152k – $175k/yr
**Experience:** 5+ years
**Skills:** Linux Kernel, Cgroups, Namespaces, Ebpf, Selinux, Apparmor, Docker, Containerd, Kubernetes, Kvm, Qemu, C, Go, Rust, Python
**Posted:** 2026-07-15

> Systems-focused Cloud Infrastructure Security Engineer responsible for securing Runpod's multitenant GPU bare-metal and virtualized environments. Requires 5+ years in infrastructure security, deep Linux kernel and virtualization expertise (KVM/QEMU), and low-level programming (C/Go/Rust) to prevent breakouts and harden against threats.

## Job Description

## Responsibilities
- Design and implement robust workload and network isolation architectures for multitenant GPU bare-metal and virtualized environments.
- Harden Linux kernel configurations, container runtimes (e.g., Docker, containerd), and orchestration layers (e.g., Kubernetes) against breakouts and privilege escalation.
- Conduct deep-dive security assessments and penetration testing targeting hypervisor, network stack, and hardware interfaces.
- Write code (primarily C, Go, or Rust) to implement custom security controls, telemetry, and fixes at the OS and infrastructure level.
- Evaluate and mitigate security considerations specific to GPU architecture, PCIe pass-through, and shared memory spaces.
- Serve as the technical escalation point for infrastructure-level security incidents, developing forensic capabilities for ephemeral container environments.

## Required Qualifications
- 5+ years of experience in infrastructure or systems-level security engineering.
- Extensive knowledge of Linux kernel internals (cgroups, namespaces, eBPF, SELinux/AppArmor).
- Deep understanding of virtualization technologies (KVM, QEMU) and workload/network isolation techniques in multitenant environments.
- Strong systems-level programming skills in C, Go, Rust, or Python.
- Familiarity with GPU architecture and hardware-level security considerations.
- Experience in securing bare-metal cloud infrastructure and mitigating lower-level CVEs.

## Preferred Qualifications
- Contributions to open-source systems security projects or virtualization research.
- Experience writing or deploying eBPF-based security tooling.
- Deep knowledge of low-level networking protocols and virtualized network security.

## Compensation & Benefits
- Competitive base pay ranges from $152,000 - $175,000 (may be inclusive of several career levels; narrowed during interview process based on experience, qualifications, and location).
- Meaningful equity in a fast-growing company (stock options for everyone).
- Generous medical, dental & vision plans.
- Flexible PTO.
- $1,200 Home Office & Equipment Stipend.
- Most roles are remote-first with collaborative teams.

## Similar roles

- [Full Stack Security Engineer](https://hotfix.jobs/jobs/8663cf4e-df75-4318-9410-189edd5593cc) - Runpod - Remote - $152k – $175k/yr
- [Manager, Product Security](https://hotfix.jobs/jobs/bf4497bd-cd12-4187-8e81-2050865a76f5) - Chime - San Francisco, CA - $152k – $210k/yr
- [Threat Intelligence Researcher (Cloud)](https://hotfix.jobs/jobs/d96cf3cb-eae0-4049-a146-831c6d933b20) - Wiz - Remote - $151k – $208k/yr
- [Software Engineer, Identity](https://hotfix.jobs/jobs/95795ec8-bfd1-44c8-a7a1-b16c9be3d31b) - Mercor - San Francisco, CA - $150k – $325k/yr
- [IT Security Operations Engineer](https://hotfix.jobs/jobs/ab8df8f3-05c1-4b41-a516-c95445575498) - AKASA - San Francisco, CA - $150k – $190k/yr

**Apply:** https://hotfix.jobs/jobs/c1242456-9dcd-4b44-b9cb-d19a59d3edac
**Canonical:** https://hotfix.jobs/jobs/c1242456-9dcd-4b44-b9cb-d19a59d3edac