Infrastructure Engineer, Security

What You’ll Do

• Architect security patterns for platforms and services, including network segmentation, service-to-service authentication, RBAC, and policy enforcement in Kubernetes and cloud environments.
• Manage identity, access, and secrets for humans and services: workload and cross-cloud identity, least-privilege IAM, and secrets management.
• Build secure platforms for data ingestion, processing, and curation: classification, encryption, access controls, and safe sharing patterns across teams.
• Write threat models and review designs with researchers and engineers to help them ship features and experiments in a safe, scalable way.
• Automate security checks and build guardrails: policy-as-code, secure infrastructure baselines, validation in CI/CD, and tools that make the secure path the easiest one.

Skills and Qualifications

Minimum qualifications

• Bachelor’s degree or equivalent experience in engineering, or similar.
• Strong background with containers and orchestration (Kubernetes) and how to secure them (namespaces, network policies, pod security, admission controls, etc.)
• Practical experience with Infrastructure as Code (Terraform or similar), including secure patterns for provisioning networks, IAM, and shared services.
• Solid understanding of cloud networking and security: VPCs, load balancers, service discovery, mTLS, firewalls, and zero-trust-style architectures.
• Proficiency with a systems language such as Rust and scripting in Python for building platform components and internal tools.
• Evidence of owning complex, production-critical systems, including debugging issues that span infra, security, and application layers.

Preferred qualifications

• Experience with ML infrastructure, GPU clusters, or large-scale training environments (schedulers, job queues, shared storage, multi-tenant clusters).
• Background in AI labs, HPC environments, or ML-heavy organizations where both security and performance are first-class concerns.
• Experience profiling and tuning high-throughput systems, and an ability to reason about the cost of additional security layers.
• Talks, blogs, or publications on infrastructure security, distributed systems, or performance engineering.
• Open-source contributions to security, orchestration, observability, or infrastructure tooling.
• Familiarity with securing specialized hardware (GPUs, TPUs) and their integrations into training and inference pipelines.

Logistics

Compensation: Depending on background, skills and experience, the expected annual salary range for this position is $200,000 - $475,000 USD.

Benefits: Generous health, dental, and vision benefits, unlimited PTO, paid parental leave, and relocation support as needed.