Responsibilities:

• Build and maintain identity and secrets management systems, including credential issuance, rotation, and workload authentication across our multi-cloud environments
• Contribute to cluster security controls including RBAC policies, namespace isolation, workload identity, and pod security
• Implement and maintain cloud security controls including IAM, network segmentation, VPC architecture, and encryption across our multi-cloud and on-prem environments
• Design and implement secure development frameworks and libraries that make secure coding the path of least resistance for our engineering teams, including service to service authentication, serialization libraries, and tool proxies.
• Harden CI/CD pipelines against supply chain attacks through isolated build environments, signed attestations, dependency verification, and automated policy enforcement
• Identify and remediate security gaps through code review, threat modeling, and hands-on debugging
• Contribute to continuous cloud security posture management using infrastructure-as-code scanning, misconfiguration detection, and automated remediation

You may be a good fit if you have:

• At least 5 years of software engineering experience implementing and maintaining security-relevant systems in production
• Bachelor's degree in Computer Science or equivalent industry experience
• Strong programming skills in Python or at least one systems language such as Go or Rust
• Experience contributing to cloud security controls
• A track record of taking ownership of problems end to end, from identifying the issue to shipping and monitoring the fix
• Clear communication skills and the ability to work collaboratively across engineering teams
• Low ego and high empathy, with a genuine interest in helping teammates succeed
• Passion for AI safety and the role security engineering plays in building trustworthy AI systems

Strong candidates may also have:

• Contributions to developer security tooling including SAST, dependency scanning, or secure build infrastructure
• Familiarity with Kubernetes security primitives including RBAC, namespaces, network policies, and admission controllers
• Experience with cloud security posture management tooling, infrastructure-as-code security scanning, or automated remediation
• Experience with network security and isolation techniques including east-west controls, traffic inspection, and cloud network policy
• Experience with eBPF for security monitoring and enforcement, or developing kernel security policies
• Experience building secrets management or workload authentication systems, including familiarity with protocols such as OAuth 2.0, OIDC, SAML, or SPIFFE/SPIRE
• Background building or operating security systems in environments that support research workflows and rapid iteration

Deadline to apply: None. Applications will be reviewed on a rolling basis.

The annual compensation range for this role is listed below.

For sales roles, the range provided is the role's On Target Earnings ("OTE") range, meaning that the range includes both the sales commissions/sales bonuses target and annual base salary for the role.

Annual Salary:

$320,000-$405,000 USD

Logistics

Minimum education: Bachelor's degree or an equivalent combination of education, training, and/or experience

Required field of study: A field relevant to the role as demonstrated through coursework, training, or professional experience

Minimum years of experience: Years of experience required will correlate with the internal job level requirements for the position

Location-based hybrid policy: Currently, we expect all staff to be in one of our offices at least 25% of the time. However, some roles may require more time in our offices.

Visa sponsorship: We do sponsor visas! However, we aren't able to successfully sponsor visas for every role and every candidate. But if we make you an offer, we will make every reasonable effort to get you a visa, and we retain an immigration lawyer to help with this.

We encourage you to apply even if you do not believe you meet every single qualification. Not all strong candidates will meet every single qualification as listed. Research shows that people who identify as being from underrepresented groups are more prone to experiencing imposter syndrome and doubting the strength of their candidacy, so we urge you not to exclude yourself prematurely and to submit an application if you're interested in this work. We think AI systems like the ones we're building have enormous social and ethical implications. We think this makes representation even more important, and we strive to include a range of diverse perspectives on our team.