The Role:We're looking for an Infrastructure Security Engineer to design and secure the core systems that power our platform. This role focuses on building security directly into our infrastructure-from container isolation and orchestration to identity and secrets management in a multi-tenant, cloud-native environment.
You'll work closely with engineering teams to define secure primitives and ensure our platform is resilient, scalable, and trustworthy by design.
This is a hands-on, deeply technical role focused on real systems, not compliance or policy.
What You'll Do:Platform & Runtime Security- Design and improve isolation mechanisms for multi-tenant workloads (containers, sandboxing, execution environments)
- Strengthen boundaries between customers, workloads, and internal systems
- Identify and mitigate risks in distributed, dynamic compute environments
Container & Orchestration Security- Secure and harden containerized workloads and orchestration systems (e.g., Kubernetes or similar)
- Improve workload isolation, scheduling boundaries, and runtime protections
- Evaluate tradeoffs in multi-tenant execution models
Identity & Access Management- Design and improve authentication and authorization systems across services
- Implement strong service-to-service identity and least-privilege access patterns
- Improve access controls across infrastructure and internal systems
Secrets & Key Management- Build and maintain systems for securely managing secrets, tokens, and credentials
- Improve rotation, auditing, and access controls
- Reduce secret sprawl and integrate secure patterns into developer workflows
Cloud & Infrastructure Security- Secure cloud environments across providers (AWS, GCP, etc.) with a focus on consistency and portability
- Improve network boundaries, service segmentation, and access controls
- Embed security into infrastructure-as-code and deployment systems
Engineering Partnership- Work closely with product and infrastructure teams to design secure systems from the ground up
- Review architecture and code for security risks and provide actionable guidance
- Identify patterns in risks and drive cross-cutting improvements
Requirements:Core Experience- Experience securing cloud-native infrastructure and distributed systems in production
- Background in infrastructure, backend, or security engineering
- Experience working in multi-tenant or high-scale environments
Technical Depth- Strong understanding of containerization and orchestration systems (e.g., Kubernetes or similar)
- Experience designing or securing isolation mechanisms in multi-tenant systems
- Solid understanding of authentication, authorization, and service identity models
- Experience with secrets management and secure handling of credentials
- Strong foundation in networking concepts (segmentation, service communication, access boundaries)
Mindset- Builder mentality, you design and implement, not just review
- Pragmatic approach to security in fast-moving environments
- Comfortable working deeply with engineers and influencing system design
Preferred Qualifications:- Experience with sandboxing or runtime isolation technologies (e.g., gVisor, Firecracker, seccomp, or similar)
- Familiarity with kernel-level or low-level isolation primitives
- Experience securing Kubernetes or similar orchestration systems in production
- Background in developer infrastructure, compute platforms, or multi-tenant systems