# Director of Infrastructure
**Company:** [AllSpice](https://hotfix.jobs/companies/allspice)
**Location:** Boston, MA, San Francisco, CA
**Experience:** 8+ years
**Skills:** AWS, Terraform, Docker, Kubernetes, Linux, SOC 2, ISO 27001, Prometheus, Grafana, Postgres, GitHub Actions, Python, Bash, Nginx, Guardduty
**Posted:** 2026-03-02
> Leads infrastructure strategy, security, and compliance for a hardware collaboration platform, managing a small team while hands-on with AWS/Terraform. Requires 8+ years infrastructure/security experience, 2+ years people management, and deep AWS expertise.
## Job Description
## What you'll do

### Strategic leadership and security ownership
- Own AllSpice's security posture: policies, incident response, disaster recovery, and ongoing risk assessment
- Maintain SOC 2 compliance, penetration testing, and audit processes; evaluate additional security certifications as needed
- Make architectural decisions on infrastructure direction, including cloud strategy, cost optimization, high availability, and scaling
- Work with legal counsel on security and data-protection matters, including DPAs, breach notification obligations, and regulatory requirements

### Customer and go-to-market coordination
- Partner with customer success and sales to support enterprise deployments, IT security reviews, and SSO/OIDC integrations
- Serve as the primary technical point of contact for customer InfoSec questionnaires and procurement processes
- Support self-hosted and GovCloud deployments for customers with ITAR, EAR, or CUI requirements

### People management and team building
- Hire, mentor, and manage infrastructure engineers as the team grows
- Set team goals, define processes, and establish on-call rotations
- Participate in the on-call rotation and lead incident response when needed
- Create growth paths for ICs and foster a culture of operational excellence

### Hands-on infrastructure
- Architect and maintain production AWS environments using Terraform and infrastructure-as-code
- Automate deployments, backups, and disaster recovery across cloud and self-hosted configurations
- Monitor and improve performance, availability, and cost efficiency of production systems
- Work closely with application developers to deploy infrastructure solutions to product problems

**Our stack**
- Terraform & Docker Swarm deployed to AWS for production infrastructure
- Grafana, Loki, and Prometheus for observability
- GitHub Actions for CI/CD
- Playwright for e2e testing
- Gitea application fork
- Go [server-side]
- PostgreSQL

## Expectations
**Our ideal candidate has:**
- 8+ years of cloud infrastructure and/or security engineering experience
- 2+ years of people management experience (hiring, mentoring, performance management)
- Deep hands-on expertise with AWS services (IAM, GuardDuty, VPC, Lambda, etc.), Linux administration, and Docker
- Demonstrated ownership of security policy, compliance programs (SOC 2, ISO 27001), and incident response
- Experience coordinating with legal counsel, customer-facing teams, and executive leadership on security and compliance matters
- Strong project management skills with ability to lead cross-functional initiatives from engineers to customers
- Comfort with ambiguity and a high degree of autonomy
- Bachelor's degree or higher in a technology-related field
- Must be a U.S. Citizen or Lawful Permanent Resident (Green Card holder)

**(preference, not required)** Availability to work out of our flex offices in San Francisco or Boston 1–2 days per week

## Relevant skills
- **Infrastructure and operations:** Terraform and infrastructure-as-code at scale, AWS services (IAM, GuardDuty, Elasticsearch, ElastiCache, Lambda) and experience with other cloud providers (GCP, Azure), Docker and Kubernetes, Bash and Python scripting, nginx and reverse-proxy services, PostgreSQL administration
- **Security and compliance:** SOC 2, ISO 27001, and other security certification frameworks, ITAR/EAR/CUI compliance and GovCloud deployments, SSO, OIDC, LDAP, and enterprise authentication, Vulnerability scanning, penetration testing coordination, and vendor security reviews
- **Leadership:** Hiring, mentoring, and building infrastructure teams from the ground up, Working with legal counsel on data protection, DPAs, and regulatory matters, Customer-facing technical communication (InfoSec reviews, enterprise onboarding), Project management using tools such as Jira, Notion, or similar
**Apply:** https://hotfix.jobs/jobs/director-of-infrastructure-at-allspice-fe6bc725-d09c-477e-bea4-6e59d787c41c
**Canonical:** https://hotfix.jobs/jobs/director-of-infrastructure-at-allspice-fe6bc725-d09c-477e-bea4-6e59d787c41c