Information Security Engineer, Bare Metal

Fluidstack

$120K — $150K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 5-7 years in information security or infrastructure engineering with bare metal or high-scale cloud focus.
  • Expertise in hardening Linux systems and network security (TCP/IP, VPNs, firewall rulesets).
  • Practical implementation of encryption at both disk and hardware levels; familiarity with HSM and trusted computing.
  • Proficiency in automation using languages like Python, Go, or Rust, and experience with configuration management tools.
  • Strong cross-team collaboration and clear communication of security decisions.
  • Bonus: Experience with BMC platforms and compliance standards; relevant certifications like CISSP or OSCP.

Responsibilities

  • Own complete security for bare metal fleet's servers from supply chain to decommissioning.
  • Design hardened OS images with automated security checks and configuration drift detection.
  • Define BMC security models focusing on access control, credential management, and logging.
  • Collaborate with networking on zero-trust architectures and micro-segmentation.
  • Implement encryption and key management solutions at scale, ensuring secure practices by default.
  • Lead threat modeling and security reviews for new hardware and network setups, addressing incidents promptly.

Benefits

  • High autonomy in decision-making and responsibility for projects.
  • Fast-paced environment aiming for swift progress.
  • Encouragement to challenge assumptions and innovate without ego.
  • Opportunity to work on cutting-edge AI security challenges.
Full Job Description
How We Operate
  • High ownership. Full autonomy. Own things end to end often taking on scope outside your core role without being asked to get things done.
  • Velocity. We drive everything forward as fast as possible.
  • First principles. Challenge every assumption. Zero analogy thinking, no egos, the best idea wins.
  • Love of the game. The frontier of AI is the most interesting problem of our time. We put in long hours at high intensity to push the frontier forward.
The Security Team

Examples of key problems the team is working on
  • You're securing the frontier of AI. The model weights training on our infrastructure are the most valuable and most targeted artifacts in technology, and we're standing up the compute to hold them faster than anyone ever has. A breach isn't a leak, it's the frontier walking out the door.
  • Build the entire security program from scratch. Most leaders inherit someone else's system and spend a career patching it. Here you own it end to end, bare metal to boardroom, as we scale across continents.
  • Your threat surface is measured in gigawatts. The customers running on our infrastructure are building the most consequential technology in human history, and being responsible for the physical and logical security of that work makes everything else feel small.
Role Scope
  • Own end-to-end security for every server in the bare metal fleet, from supply chain and provisioning through hardening, operation, and secure decommissioning.
  • Design and maintain hardened golden OS images with automated vulnerability scanning, patch pipelines, and configuration-drift detection.
  • Define and enforce the BMC security model (access control, credential rotation, audit logging, firmware integrity) for one of the most under-defended surfaces in the industry.
  • Partner with network engineering on micro-segmentation, IDS/IPS, and firewall architecture, applying zero-trust from the top-of-rack up.
  • Implement data-at-rest encryption, key management, and secure storage access at fleet scale, and build the automation that makes secure-by-default the path of least resistance.
  • Lead threat modeling and security reviews for new hardware platforms and network designs, and respond to incidents touching the physical fleet.
What We're Looking For

The below is a starting point. We always make space for exceptional people, so if you don't fit this role exactly, tell us where you would.
  • You've worked in information security or infrastructure engineering with a strong focus on bare metal, IaaS, or high-scale cloud infrastructure.
  • You harden Linux deeply (SELinux, AppArmor, kernel-level security) and command network security (TCP/IP, VPNs, firewall rulesets, zero-trust).
  • You implement encryption in practice, including disk-level (LUKS) and hardware-level, and you understand HSMs and trusted computing (TPM/TXT).
  • You automate fluently in Python, Go, or Rust, with configuration management (Ansible, Puppet, Chef).
  • You work well across engineering teams and communicate security decisions clearly.
  • Bonus: BMC platforms (OpenBMC, iDRAC, iLO). Hardware root of trust and secure boot. Compliance standards (SOC 2, ISO 27001, FedRAMP). CISSP, OSCP, or CEH.


We are committed to pay equity and transparency.

You will receive a confirmation email once your application has successfully been accepted. If there is an error with your submission and you did not receive a confirmation email, please email [redacted] with your resume/CV, the role you've applied for, and the date you submitted your application-- someone from our recruiting team will be in touch.

Similar Jobs

More Jobs at Fluidstack

  • Fleet Manager
    $90K — $120K *
    Austin, TX 78745 (Travis County)
    Transportation
    In-Person
  • Fleet Manager
    $90K — $130K *
    San Francisco, CA 94112 (San Francisco County)
    Transportation
    In-Person
  • Fleet Manager
    $90K — $120K *
    Remote
    Transportation
    Remote in United States
  • Fleet Manager
    $90K — $120K *
    Seattle, WA 98115 (King County)
    Transportation
    In-Person
  • Production Engineering Lead, Compute
    $130K — $180K *
    San Francisco, CA 94112 (San Francisco County)
    Technical Services
    In-Person

More Information Technology Jobs

Find similar Information Security Engineer, Bare Metal jobs: