Skip to content
ModalModalNew York, NY

Infrastructure Security Engineer

Designs and secures core infrastructure for multi-tenant AI platform, focusing on container isolation, orchestration (Kubernetes), identity management, secrets handling, and cloud security across AWS/GCP. Requires production experience in cloud-native systems and builder mindset for hands-on implementation.

150k – 270k/yr
HybridSecurity Engineering

About the role

What You'll Do

Platform & Runtime Security

  • Design and improve isolation mechanisms for multi-tenant workloads (containers, sandboxing, execution environments)
  • Strengthen boundaries between customers, workloads, and internal systems
  • Identify and mitigate risks in distributed, dynamic compute environments

Container & Orchestration Security

  • Secure and harden containerized workloads and orchestration systems (e.g., Kubernetes or similar)
  • Improve workload isolation, scheduling boundaries, and runtime protections
  • Evaluate tradeoffs in multi-tenant execution models

Identity & Access Management

  • Design and improve authentication and authorization systems across services
  • Implement strong service-to-service identity and least-privilege access patterns
  • Improve access controls across infrastructure and internal systems

Secrets & Key Management

  • Build and maintain systems for securely managing secrets, tokens, and credentials
  • Improve rotation, auditing, and access controls
  • Reduce secret sprawl and integrate secure patterns into developer workflows

Cloud & Infrastructure Security

  • Secure cloud environments across providers (AWS, GCP, etc.) with a focus on consistency and portability
  • Improve network boundaries, service segmentation, and access controls
  • Embed security into infrastructure-as-code and deployment systems

Engineering Partnership

  • Work closely with product and infrastructure teams to design secure systems from the ground up
  • Review architecture and code for security risks and provide actionable guidance
  • Identify patterns in risks and drive cross-cutting improvements

Requirements

Core Experience

  • Experience securing cloud-native infrastructure and distributed systems in production
  • Background in infrastructure, backend, or security engineering
  • Experience working in multi-tenant or high-scale environments

Technical Depth

  • Strong understanding of containerization and orchestration systems (e.g., Kubernetes or similar)
  • Experience designing or securing isolation mechanisms in multi-tenant systems
  • Solid understanding of authentication, authorization, and service identity models
  • Experience with secrets management and secure handling of credentials
  • Strong foundation in networking concepts (segmentation, service communication, access boundaries)

Mindset

  • Builder mentality, you design and implement, not just review
  • Pragmatic approach to security in fast-moving environments
  • Comfortable working deeply with engineers and influencing system design

Preferred Qualifications

  • Experience with sandboxing or runtime isolation technologies (e.g., gVisor, Firecracker, seccomp, or similar)
  • Familiarity with kernel-level or low-level isolation primitives
  • Experience securing Kubernetes or similar orchestration systems in production
  • Background in developer infrastructure, compute platforms, or multi-tenant systems

Skills

KubernetesContainerizationGvisorFirecrackerSeccompAWSGCPSecrets ManagementOAuthMtlsNetworkingSandboxing
Mercor

Software Engineer, Identity

MercorSan Francisco, CA

Build and scale Mercor's novel identity and access management infrastructure across thousands of Slack workspaces and HR systems for a 100k+ expert network. Requires strong product engineering, large-scale distributed systems experience, and security-minded design instincts.

150k – 325k/yr
On-site5+ YOESecurity Engineering
AKASA

IT Security Operations Engineer

AKASASan Francisco, CA

IT Security Operations Engineer responsible for implementing DLP, email security, endpoint protection, Okta/Google Workspace hardening, automation, compliance evidence collection, and incident response in a hybrid healthcare AI startup.

150k – 190k/yr
Hybrid4+ YOESecurity Engineering
Novig

Security Engineer

NovigNew York, NY

Build and maintain security automation pipelines, AI agents, SOAR/SIEM integrations, vulnerability management, and IAM systems for a sports prediction market platform.

150k – 200k/yr
On-site5+ YOESecurity Engineering
Fal

Governance, Risk & Compliance Engineer

FalSan Francisco, CA

GRC Engineer responsible for designing and improving governance, risk management, and compliance programs at a generative AI platform company. Manage certifications (SOC 2, ISO 27001, GDPR), lead risk assessments, support customer security reviews, and develop automation for cloud and AI infrastructure controls.

150k – 250k/yr
On-site5+ YOESecurity Engineering
GitLab

Manager, Security Incident Response Team (USA)

GitLabUnited States

Leads the Security Incident Response Team in the Americas, managing engineers through threat hunting, investigations, triage, and large-scale responses while coaching performance and driving process improvements using AI and automation.

150k – 235k/yr
RemoteSecurity Engineering