Staff Software Engineer, Security

What You'll Be Working On

• Architect & Build: Design, implement, and maintain highly scalable, distributed software systems that form Crusoe's core security engineering foundation.
• Strategic Partnership: Partner closely with product security, infrastructure security platform engineering, and specialized security domain teams to translate complex business and regulatory needs into durable, automated technical solutions while retaining complete engineering ownership.
• Data & Control Pipelines: Develop high-throughput control integrations and data pipelines to collect, normalize, and analyze security telemetry across identity systems (IAM), logs, vulnerability scanners, and continuous compliance (CCM/GRC) tools.
• Metrics & Visibility Engines: Architect advanced metrics engines, real-time dashboards, and analytics insights pipelines that provide continuous visibility into overall compliance health, technical risk posture, and emerging security threats.
• Technical Leadership: Provide technical direction, mentorship, and architectural oversight across the security engineering team, fostering a culture of high engineering standards, operational excellence, and continuous technical innovation.
• Scaling product security controls: Integrate and scale automated security checks within CI/CD pipelines to ensure consistent security enforcement.
• Platform Security Infrastructure: Architect and manage critical platform security services at scale, specifically PKI infrastructure, SPIFFE/SPIRE for identity, and HashiCorp Vault for secrets management, ensuring secure credential handling and identity management across our distributed environment.
• Production-Grade Systems: Engineer secure, high-throughput distributed systems, utilizing deep Linux knowledge and Kubernetes expertise to solve complex infrastructure-level challenges.

On This Team, You Will

• Tackle complex security and compliance puzzles at cutting-edge scale within cloud and distributed infrastructure.
• Collaborate with a brilliant, multidisciplinary team of engineers who are redefining compliance adherence for modern infrastructure.
• Have the freedom, autonomy, and responsibility to innovate, experiment, and heavily influence how Crusoe establishes its core security assurance pipelines.

What You'll Bring to the Team

• Education: Bachelor’s degree in Computer Science, Information Security, a related technical field, or equivalent practical job experience.
• Software Engineering: 8+ years of professional software development experience, with at least 5+ years of hands-on, production-grade programming experience in languages like Go, Rust.
• Orchestration & Containers: 4+ years of hands-on experience deploying on, securing, and managing applications at scale on Kubernetes and public cloud environments.
• System Architecture: Proven track record of designing, building, and operating high-QPS, fault-tolerant, and mission-critical distributed systems.
• Cloud & Infrastructure: Strong hands-on experience with major public cloud infrastructure provider platforms (GCP or AWS).
• CI/CD & IaC: Deep familiarity with modern continuous integration and continuous deployment pipelines, alongside robust Infrastructure-as-Code (IaC) tooling practices.
• Data Flow Design: Strong experience engineering technical architectures involving complex data flows, event-driven architectures, fine-grained access controls, data retention management, and secure third-party integrations.

Technical Expertise

• Infrastructure & Systems: Expert-level proficiency in distributed systems, infrastructure automation, and developing robust, automated abstractions (like Kubernetes operators or platform-level service meshes) to manage infrastructure complexity.
• Kubernetes Internals: Deep operational experience managing Kubernetes at scale, troubleshooting complex cluster issues, developing operators, and optimizing the control plane.
• Security Platform Engineering: Demonstrated experience implementing and maintaining identity and secrets management solutions such as HashiCorp Vault and SPIFFE/SPIRE in production environments.

Bonus Points

• Advanced understanding of authentication, authorization at scale in distributed systems.
• Experience engineering security tools or telemetry platforms within large-scale AI/ML or high-performance computing environments.
• Active contributor to open-source security engineering projects or frameworks.

Benefits

• Competitive compensation and equity packages
• Restricted Stock Units
• Paid time off, paid holidays & leave of absence programs
• Comprehensive health, dental & vision insurance
• Employer contributions to HSA account
• Paid parental leave
• Paid life insurance, short-term and long-term disability
• Professional development & tuition reimbursement
• Mental health & wellness support
• Commuter benefits (parking & transit)
• Cell phone stipend
• 401(k) Retirement plan with company match up to 4% of salary
• Volunteer time off
• Global travel insurance & emergency assistance
• Daily meals allowance
• Additional perks & programs specific to location

Compensation will be paid in the range of up to $215,000 - $260,000 + Bonus. Restricted Stock Units are included in all offers.