Skip to content

Infrastructure Security Engineer

Designs and implements security controls for cloud infrastructure, Kubernetes, and deployment systems. Partners with engineering teams to review architectures, automate preventative measures, and remediate vulnerabilities. Requires 3+ years experience, Bachelor's degree, and proficiency in AWS, IaC tools, and programming.

134k – 186kUnited StatesSecurity EngineeringRemote3+ YOE

About the role

How you’ll make an impact

  • Design and implement security controls for cloud, platform, and deployment systems, with a focus on secure defaults and durable risk reduction.
  • Partner with platform, SRE, and infrastructure teams to review architecture and infrastructure changes, identify security risks, and drive practical remediation plans.
  • Build and improve automation for infrastructure security, including controls for cloud IAM, Kubernetes and container environments, secrets handling, and infrastructure-as-code workflows.
  • Identify and remediate systemic weaknesses such as misconfigurations, exposed services, weak trust boundaries, and insecure defaults in production environments.
  • Support infrastructure vulnerability management by helping prioritize findings, validate fixes, and improve how issues are detected and prevented over time.
  • Help assess and improve security controls for AI-assisted developer workflows and GenAI-enabled systems, including agentic tooling, coding assistants, and internal AI integrations that interact with production or sensitive environments.
  • Respond to production security issues, investigate root causes using logs, dashboards, and system context, and contribute follow-up improvements that strengthen the platform.
  • Contribute to team effectiveness by documenting patterns, participating in design and code reviews, and helping raise the security quality bar across engineering.

Minimum Qualifications

  • Bachelor’s degree and 3+ years of experience in security engineering, infrastructure engineering, or a related software engineering role.
  • Experience securing or operating cloud-native infrastructure in AWS or a similar cloud environment.
  • Experience with one or more of the following domains: cloud IAM, Kubernetes/container security, network security, secrets management, or infrastructure vulnerability management.
  • Experience writing code or automation in Python, Go, Java, or a similar programming language.
  • Experience reviewing system designs, infrastructure changes, or architecture proposals and driving actionable security outcomes.
  • Experience with infrastructure-as-code and CI/CD tooling such as Terraform, Helm, GitHub Actions, or similar technologies.
  • Experience investigating and resolving moderately complex production or security issues using logs, metrics, and debugging tools.
  • Experience using AI-assisted engineering tools responsibly, with an understanding of security considerations such as sensitive data exposure, unsafe automation, access boundaries, or insecure use of generated code and infrastructure changes.

Preferred Qualifications

  • Experience building preventative guardrails or automated controls that are adopted by multiple engineering teams.
  • Familiarity with production access control patterns for engineers and service identities.
  • Experience with Kubernetes, service-to-service trust models, workload identity, or runtime security controls.
  • Experience improving cloud posture management, hardening baselines, or drift detection programs.
  • Familiarity with security considerations for AI-assisted engineering workflows, including code generation or code review tooling.
  • Experience partnering with Risk, Compliance, or Audit teams in a regulated environment.
  • Security certifications such as AWS Security Specialty, GCP Professional Cloud Security Engineer, CISSP, or equivalent practical expertise.

Skills

AWSKubernetesTerraformPythonGoJavaHelmGitHub ActionsCloud IamSecrets Management

Insider Threat Analyst

Insider Threat Analyst responsible for triaging alerts, conducting investigations, and mitigating insider risks using SIEM, UBA, and DLP tools. Requires 3+ years in security operations or investigations with strong cross-functional collaboration skills.

135k – 159kUnited StatesSecurity EngineeringRemote3+ YOEUbaDlp

Fraud And Abuse Operations Analyst

As a Fraud and Abuse Operations Analyst, you will be the first line of defense against fraud and abuse on the Plaid platform. You will investigate claims, triage incidents, and partner with product and engineering teams to improve fraud mitigation strategies.

138k – 163kSan Francisco, CA +4Security EngineeringHybrid3+ YOEAISQL

Software Engineer, Infrastructure & Security

Build secure, scalable backend systems for AI infrastructure serving government customers. Requires active security clearance (TS/SCI capable), full-stack expertise, cloud-native tech like Kubernetes/Docker, and hybrid office presence in DC or St. Louis.

138k – 259kSan Francisco, CA +3Security EngineeringHybridAWSGCP

Security Engineer, Cloud Infrastructure

Designs and implements cloud security architectures including multi-account AWS isolation, Kubernetes hardening, and CSPM with Wiz for enterprise tenant separation. Requires 5+ years in cloud/infrastructure security, IaC expertise, and production experience.

130k – 500kSan Francisco, CA +1Security EngineeringHybrid5+ YOEAWSWiz

Security Engineer, Application Security

Owns application security by embedding review workflows in SDLC, building SAST/DAST pipelines in CI/CD, managing vulnerability remediation, and operating bug bounty programs. Requires 5+ years experience finding/fixing vulnerabilities, strong skills in Python/TypeScript/Go, and SAST/DAST tooling.

130k – 500kSan Francisco, CA +1Security EngineeringOn-site5+ YOEGoSnyk