# Infrastructure Security Engineer **Company:** [Modal](https://hotfix.jobs/companies/modal) **Location:** New York, NY, San Francisco, CA **Salary:** $150K-$270K **Skills:** Kubernetes, Containerization, Gvisor, Firecracker, Seccomp, AWS, GCP, Secrets Management, OAuth, Mtls, Networking, Sandboxing **Posted:** 2026-04-21 > Designs and secures core infrastructure for multi-tenant AI platform, focusing on container isolation, orchestration (Kubernetes), identity management, secrets handling, and cloud security across AWS/GCP. Requires production experience in cloud-native systems and builder mindset for hands-on implementation. ## Job Description ## What You'll Do ### Platform & Runtime Security - Design and improve isolation mechanisms for multi-tenant workloads (containers, sandboxing, execution environments) - Strengthen boundaries between customers, workloads, and internal systems - Identify and mitigate risks in distributed, dynamic compute environments ### Container & Orchestration Security - Secure and harden containerized workloads and orchestration systems (e.g., Kubernetes or similar) - Improve workload isolation, scheduling boundaries, and runtime protections - Evaluate tradeoffs in multi-tenant execution models ### Identity & Access Management - Design and improve authentication and authorization systems across services - Implement strong service-to-service identity and least-privilege access patterns - Improve access controls across infrastructure and internal systems ### Secrets & Key Management - Build and maintain systems for securely managing secrets, tokens, and credentials - Improve rotation, auditing, and access controls - Reduce secret sprawl and integrate secure patterns into developer workflows ### Cloud & Infrastructure Security - Secure cloud environments across providers (AWS, GCP, etc.) with a focus on consistency and portability - Improve network boundaries, service segmentation, and access controls - Embed security into infrastructure-as-code and deployment systems ### Engineering Partnership - Work closely with product and infrastructure teams to design secure systems from the ground up - Review architecture and code for security risks and provide actionable guidance - Identify patterns in risks and drive cross-cutting improvements ## Requirements ### Core Experience - Experience securing cloud-native infrastructure and distributed systems in production - Background in infrastructure, backend, or security engineering - Experience working in multi-tenant or high-scale environments ### Technical Depth - Strong understanding of containerization and orchestration systems (e.g., Kubernetes or similar) - Experience designing or securing isolation mechanisms in multi-tenant systems - Solid understanding of authentication, authorization, and service identity models - Experience with secrets management and secure handling of credentials - Strong foundation in networking concepts (segmentation, service communication, access boundaries) ### Mindset - Builder mentality, you design and implement, not just review - Pragmatic approach to security in fast-moving environments - Comfortable working deeply with engineers and influencing system design ## Preferred Qualifications - Experience with sandboxing or runtime isolation technologies (e.g., gVisor, Firecracker, seccomp, or similar) - Familiarity with kernel-level or low-level isolation primitives - Experience securing Kubernetes or similar orchestration systems in production - Background in developer infrastructure, compute platforms, or multi-tenant systems **Apply:** https://hotfix.jobs/jobs/infrastructure-security-engineer-at-modal-fd5d7848-b00b-47c6-b51e-233575641c08 **Canonical:** https://hotfix.jobs/jobs/infrastructure-security-engineer-at-modal-fd5d7848-b00b-47c6-b51e-233575641c08